Page MenuHomeDevCentral
Create Task
Maniphest T519

Set kern.ipc.somaxconn to 1024 on Ysul
Closed, ResolvedPublic
Actions

Description

Jul 31 19:55:25 ysul kernel: sonewconn: pcb 0xfffff80014bd4ab8: Listen queue overflow: 193 already in queue awaiting acceptance (12484 occurrences)
Jul 31 19:56:26 ysul kernel: sonewconn: pcb 0xfffff80014bd4ab8: Listen queue overflow: 193 already in queue awaiting acceptance (9774 occurrences)
Jul 31 19:57:27 ysul kernel: sonewconn: pcb 0xfffff80014bd4ab8: Listen queue overflow: 193 already in queue awaiting acceptance (14036 occurrences)
Jul 31 19:58:27 ysul kernel: sonewconn: pcb 0xfffff80014bd4ab8: Listen queue overflow: 193 already in queue awaiting acceptance (9025 occurrences)
Jul 31 19:59:28 ysul kernel: sonewconn: pcb 0xfffff80014bd4ab8: Listen queue overflow: 193 already in queue awaiting acceptance (9292 occurrences)
Jul 31 20:00:30 ysul kernel: sonewconn: pcb 0xfffff80014bd4ab8: Listen queue overflow: 193 already in queue awaiting acceptance (13731 occurrences)

Reference: https://www.freebsd.org/doc/handbook/configtuning-kernel-limits.html

Revisions and Commits

rOPS Nasqueron Operations
D2904rOPSbef5764143dc Increase maximum number of connection requests in queue for a socket

Related Objects
Search...

Event Timeline

dereckson closed this task as Resolved.Jul 31 2015, 20:00
dereckson claimed this task.
dereckson triaged this task as Normal priority.
dereckson added a project: Servers.
dereckson added a subscriber: dereckson.
dereckson reopened this task as Open.Jul 31 2015, 20:01
dereckson updated the task description. (Show Details)

I reopen this, as we still have the issue.

Jul 31 20:01:38 ysul kernel: sonewconn: pcb 0xfffff80014bd4ab8: Listen queue overflow: 193 already in queue awaiting acceptance (10642 occurrences)

dereckson removed dereckson as the assignee of this task.Jul 15 2016, 10:41
dereckson added a comment.Apr 12 2022, 22:05

Not a lot of occurence those last months:

/var/log/debug.log on WindRiver
Nov  2 09:42:56 windriver kernel: sonewconn: pcb 0xfffff8003070a7a0 (0.0.0.0:22 (proto 6)): Listen queue overflow: 193 already in queue awaiting acceptance (1 occurrences)
/var/log/debug.log on Ysul
Jun 29 10:12:39 ysul kernel: sonewconn: pcb 0xfffff8011a87d7a0: Listen queue overflow: 193 already in queue awaiting acceptance (65 occurrences)
Dec  5 04:32:53 ysul kernel: sonewconn: pcb 0xfffff8011a1c8000: Listen queue overflow: 193 already in queue awaiting acceptance (1 occurrences)
Feb 17 16:53:52 ysul kernel: sonewconn: pcb 0xfffff8011a1c8000: Listen queue overflow: 193 already in queue awaiting acceptance (756 occurrences)
Nov  2 08:46:15 ysul kernel: sonewconn: pcb 0xfffff80015a021e8: Listen queue overflow: 193 already in queue awaiting acceptance (1 occurrences)
Nov  2 09:45:09 ysul kernel: sonewconn: pcb 0xfffff80015a021e8: Listen queue overflow: 193 already in queue awaiting acceptance (6728 occurrences)
Nov  4 11:05:57 ysul kernel: sonewconn: pcb 0xfffff80015d623d0: Listen queue overflow: 193 already in queue awaiting acceptance (6741 occurrences)
dereckson added a comment.Apr 12 2022, 22:14

The Ysul log from 2015 or the November 6700+ sound like DoS attacks to me.

dereckson added a comment.Mar 23 2023, 23:46

Only a new occurence since last year:

/var/log/debug.log on WindRiver [November 2021 and March 2023]
Nov  2 09:42:56 windriver kernel: sonewconn: pcb 0xfffff8003070a7a0 (0.0.0.0:22 (proto 6)): Listen queue overflow: 193 already in queue awaiting acceptance (1 occurrences)
Mar 16 18:10:22 windriver kernel: sonewconn: pcb 0xfffff80e1bf4d1f0 (0.0.0.0:443 (proto 6)): Listen queue overflow: 193 already in queue awaiting acceptance (1 occurrences)

Sometimes a few occurences, but those last times, A LOT:

/var/log/debug.log on Ysul
Mar 16 19:06:02 ysul kernel: sonewconn: pcb 0xfffff8002ba29d58: Listen queue overflow: 193 already in queue awaiting acceptance (1 occurrences)
Mar 17 21:23:40 ysul kernel: sonewconn: pcb 0xfffff8002ba29d58: Listen queue overflow: 193 already in queue awaiting acceptance (791 occurrences)
Mar 17 22:51:47 ysul kernel: sonewconn: pcb 0xfffff8002ba29d58: Listen queue overflow: 193 already in queue awaiting acceptance (236 occurrences)
Mar 18 06:04:57 ysul kernel: sonewconn: pcb 0xfffff8002ba29d58: Listen queue overflow: 193 already in queue awaiting acceptance (702 occurrences)
Mar 19 00:07:11 ysul kernel: sonewconn: pcb 0xfffff8002ba29d58: Listen queue overflow: 193 already in queue awaiting acceptance (570 occurrences)
Mar 19 02:16:48 ysul kernel: sonewconn: pcb 0xfffff8002ba29d58: Listen queue overflow: 193 already in queue awaiting acceptance (821 occurrences)
Mar 20 00:56:08 ysul kernel: sonewconn: pcb 0xfffff8002ba29d58: Listen queue overflow: 193 already in queue awaiting acceptance (875 occurrences)
dereckson added a comment.Mar 23 2023, 23:46
kern.ipc.somaxconn: 128 -> 1024
dereckson added a revision: D2904: Increase maximum number of connection requests in queue for a socket.Mar 23 2023, 23:53
dereckson added a commit: rOPSbef5764143dc: Increase maximum number of connection requests in queue for a socket.Mar 23 2023, 23:55
dereckson closed this task as Resolved.Mar 24 2023, 00:15
dereckson claimed this task.
dereckson closed subtask T1801: sysctl conflict for router role as Invalid.

Change applied to every FreeBSD server, including Ysul.

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator