[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: spiped max qlen being hit

On 12/20/16 07:40, Dave Cottlehuber wrote:
> <7>Dec 16 16:35:42 0 2016-12-16T16: 35:40.500908+00:00 beatrix kernel -
> - [72288] sonewconn: pcb 0xfffff80d68996cb0: Listen queue overflow: 16
> already in queue awaiting acceptance (64492 occurrences)

This means that either (1) connnections are arriving faster than spiped can
accept them, or (2) spiped stopped accepting connections for a while.

The second possibility is far more likely, considering that...

> 1.  Am I using spiped incorrectly by having it handle many short-lived
> connections? There are usually about 100, sometimes up round 200,
> concurrent HTTP connections most of the time, spread across 6 main
> "client" servers that all connect to the same tunnel endpoint.

... spiped has a default limit of 100 connections.  You can increase this
up to 500 via the -n option; if you need more than that, we'll need to
fix the networking code to use poll instead of select (entirely doable;
it just hasn't happened yet).

> 2. Is it possible/wise to increase the accept queue length for spiped
> somehow? I assume these are initial socket setup parameters, set here
> https://github.com/Tarsnap/spiped/blob/master/libcperciva/util/sock.c#L329
> ? the backend DB is more than capable of handling the load, and accepts
> tuning socket parameters directly.

Yes, but you're almost certainly not hitting the queue limit while spiped
is still accepting connections.

> 3. During testing, i couldn't work out how spiped chooses which DNS
> record to use when multiples are returned - specifically AAAA vs A
> records. Is it possible to force spiped to use either IPv4 or IPv6 (like
> a command-line option flag) instead of whatever comes back from hostname
> lookup?

spiped will use whatever the DNS resolver gives it.  I believe you can set
the resolver preference via the ip6addrctl_policy rc.conf variable.

> 4. are there any other things I could do wrt FreeBSD that might help?

Nothing comes to mind.  Pretty sure this is an spiped issue, not a FreeBSD

Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid