<div dir="ltr">Hi Maxim,<div class="gmail_extra"><br><div class="gmail_quote">On Tue, Mar 19, 2013 at 7:19 AM, Maxim Dounin <span dir="ltr"><<a href="mailto:mdounin@mdounin.ru" target="_blank">mdounin@mdounin.ru</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello!<div class="im">
<br>
</div>As far as I understand, tcp_max_syn_backlog configures global<br>
cumulative limit for all listening sockets, while somaxconn limits<br>
one listening socket backlog. If any of the two is too small -<br>
you'll see SYN packets dropped.<br>
<div class="im"><br>
> > Make sure to check actual listen queue sizes used on listen<br>
> > sockets involved. On Linux (you are using Linux, right?) this<br>
> > should be possible with "ss -nlt" (or "netstat -nlt").<br>
><br>
><br>
> According to `ss -nlt`, send-q on these ports is set to 128. And recv-q on<br>
> all ports is 0. I don't know what this means for recv-q, use default? And<br>
> would default be 1024?<br>
<br>
</div>In "ss -nlt" output send-q column is used to display listen queue<br>
size for listen sockets. Number 128 here means you have listen<br>
queue for 128 connections only. You should tune your backends to<br>
use bigger listen queues, 128 is certanly too small for concurency<br>
5000 you use in your tests.<br>
<br>
(The recv-q column should indicate current number of connections<br>
in listen queue.)</blockquote><div><br></div><div style>This is an excellent tip, thank you! Regardless of whether it fully resolves this issue, I will see about tuning the individual listen socket queues. The server is using libevent's asynchronous HTTP server module, so I'm not sure how much control I have over the socket options. But I will investigate.</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">
> But according to `netstat -nlt` both queues are 0?<br>
<br>
</div>This means that netstat isn't showing listen queue sizes on your<br>
host. It looks like many linux systems still always display 0 for<br>
listen sockets.</blockquote><div><br></div><div style>Pretty strange. Oh well. `ss` works for me.</div></div></div></div>