To understand the backlog argument, we must realize that for a given listening socket, the kernel maintains two queues :
要明白backlog参数的含义,我们必须明白对于一个listening socket,kernel维护者两个队列:
1.An incomplete connection queue, which contains an entry for each SYN that has arrived from a client for which the server is awaiting completion of the TCP three-way handshake. These sockets are in the SYN_RCVD state .
1.一个未完成连接的队列,此队列维护着那些已收到了客户端SYN分节信息,等待完成三路握手的连接,socket的状态是SYN_RCVD
2.A completed connection queue, which contains an entry for each client with whom the TCP three-way handshake has completed. These sockets are in the ESTABLISHED state
2.一个已完成的连接的队列,此队列包含了那些已经完成三路握手的连接,socket的状态是ESTABLISHED
The backlog argument to the listen function has historically specified the maximum value for the sum of both queues.
backlog参数历史上被定义为上面两个队列的大小之和
Berkeley-derived implementations add a fudge factor to the backlog: It is multiplied by 1.5
Berkely实现中的backlog值为上面两队列之和再乘以1.5
When a SYN arrives from a client, TCP creates a new entry on the incomplete queue and then responds with the second segment of the three-way handshake: the server's SYN with an ACK of the client's SYN (Section 2.6). This entry will remain on the incomplete queue until the third segment of the three-way handshake arrives (the client's ACK of the server's SYN), or until the entry times out. (Berkeley-derived implementations have a timeout of 75 seconds for these incomplete entries.)
当客户端的第一个SYN到达的时候,TCP会在未完成队列中增加一个新的记录然后回复给客户端三路握手中的第二个分节(服务端的SYN和针对客户端的ACK),这条记录会在未完成队列中一直存在,直到三路握手中的最后一个分节到达,或者直到超时(Berkeley时间将这个超时定义为75秒)
If the queues are full when a client SYN arrives, TCP ignores the arriving SYN (pp. 930–931 of TCPv2); it does not send an RST. This is because the condition is considered temporary, and the client TCP will retransmit its SYN, hopefully finding room on the queue in the near future. If the server TCP immediately responded with an RST, the client's connect would return an error, forcing the application to handle this condition instead of letting TCP's normal retransmission take over. Also, the client could not differentiate between an RST in response to a SYN meaning "there is no server at this port" versus "there is a server at this port but its queues are full."
如果当客户端SYN到达的时候队列已满,TCP将会忽略后续到达的SYN,但是不会给客户端发送RST信息,因为此时允许客户端重传SYN分节,如果返回错误信息,那么客户端将无法分清到底是服务端对应端口上没有相应应用程序还是服务端对应端口上队列已满这两种情况
通过下面方式可以修改系统的 somaxconn
vim /etc/sysctl.conf
net.core.somaxconn = 2048
sysctl -p
在 php-fpm 中,有一个选项是关于这个方面的
listen.backlog = -1
这个数值,最好不要设置为 -1 ,-1 的时候没不能采用系统的设置数置,导致出现 502 出现
2015/02/11 12:37:22 [error] 25725#0: *1015645 connect() to unix:/tmp/php-cgi.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 222.240.64.190,
解决方法就是手动设置这个数值
listen.backlog = 1024