From owner-freebsd-questions@FreeBSD.ORG  Mon Mar 16 22:38:59 2015
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 5859A478
 for <questions@freebsd.org>; Mon, 16 Mar 2015 22:38:59 +0000 (UTC)
Received: from mail-in6.apple.com (mail-out6.apple.com [17.151.62.28])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 2A57719D
 for <questions@freebsd.org>; Mon, 16 Mar 2015 22:38:58 +0000 (UTC)
Received: from relay2.apple.com (relay2.apple.com [17.128.113.67])
 by mail-in6.apple.com (Apple Secure Mail Relay) with SMTP id
 D5.92.04468.C7B57055; Mon, 16 Mar 2015 15:38:52 -0700 (PDT)
X-AuditID: 11973e15-f79996d000001174-d1-55075b7c22b1
Received: from [17.149.230.73] (Unknown_Domain [17.149.230.73])
 (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by relay2.apple.com (Apple SCV relay) with SMTP id 65.8B.26186.E6B57055;
 Mon, 16 Mar 2015 15:38:38 -0700 (PDT)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
Subject: Re: sonewconn: pcb 0xfffff801efdd1000: Listen queue overflow: 31
 already in queue awaiting acceptance
From: Charles Swiger <cswiger@mac.com>
In-Reply-To: <20150316213018.GA97580@home.parts-unknown.org>
Date: Mon, 16 Mar 2015 15:38:51 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <22987F08-3543-43BE-A06A-78E76437ADD2@mac.com>
References: <20150316213018.GA97580@home.parts-unknown.org>
To: David Benfell <benfell@parts-unknown.org>
X-Mailer: Apple Mail (2.2070.6)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrDLMWRmVeSWpSXmKPExsUi2FDorFsTzR5qcGulsEXrrL8sFt0nu5kd
 mDxmfJrP4nG9awpTAFMUl01Kak5mWWqRvl0CV8bVNeEFk3gqem8sYWxgfMDZxcjJISFgInHw
 VDcbhC0mceHeeiCbi0NIYC+jxKwZE5i7GDnAiq7vcICIT2WSmPHmPTtIA7OAlsSNfy+ZQGxe
 AQOJuae+gNnCAnkSx273MoL0sgmoSUyYyAMS5hSwkbh38ykriM0ioCrx9mkXC8QYSYmF79dB
 2doSyxa+ZoYYaSXx4v5fsLiQgLVE+8RZYHeKCOhKbFl1iB3iNHmJnk3pIKdJCHxklWjf/5V9
 AqPQLCTXzUJy3SwkKxYwMq9iFMpNzMzRzcwz00ssKMhJ1UvOz93ECAre6XaiOxjPrLI6xCjA
 wajEwxsgwRYqxJpYVlyZe4hRmoNFSZy3se9/iJBAemJJanZqakFqUXxRaU5q8SFGJg5OqQZG
 nr0e7uLTLLsSUrYHqW1e+S1Y+LL3q7sHotTeB0uw6Cpv+rFaa0X9vA1VqrvvlCl6+mQ/nJoT
 +8c60/jcXH23FwsCk27OlT29f+UGrkdvDp26fm/HD06Lt/lnZXO/3H3/z57lziSVzkUqC7b/
 +TLjZ8/Ww5+22i6UVSuRXyV8PnGaZkPwiaLbv5RYijMSDbWYi4oTAaC5JE8/AgAA
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprPLMWRmVeSWpSXmKPExsUiOPWZp25eNHuowbqNYhats/6yWHSf7GZ2
 YPKY8Wk+i8f1rilMAUxRXDYpqTmZZalF+nYJXBlX14QXTOKp6L2xhLGB8QFnFyMHh4SAicT1
 HQ5djJxAppjEhXvr2boYuTiEBKYyScx4854dJMEsoCVx499LJhCbV8BAYu6pL2C2sECexLHb
 vYwgc9gE1CQmTOQBCXMK2Ejcu/mUFcRmEVCVePu0iwVijKTEwvfroGxtiWULXzNDjLSSeHH/
 L1hcSMBaon3iLDYQW0RAV2LLqkPsEGfKS/RsSp/AyD8LyUGzkBw0C8nUBYzMqxgFilJzEiuN
 9BILCnJS9ZLzczcxgoKtodB5B+OxZVaHGAU4GJV4eAMk2EKFWBPLiitzDzFKcDArifB+U2IP
 FeJNSaysSi3Kjy8qzUktPsQozcGiJM7LwwmUEkhPLEnNTk0tSC2CyTJxcEo1MO41qJrx3bxX
 6MtaobCjC7g97rH6Hfz/W173zu+LXmd94+PKf29cWsF3U+XaN6OV6wuZOFYZVV420N39Ld03
 o6P97JsKqy9/L/11V3432SCKp8/xtKbHjWnG++vSmMqmr+YNuxP+aYtUcG5k5eH/a+t8L+y9
 9nB7eapQjP+fazq5E6981zTOeqTEUpyRaKjFXFScCAA/FAF5MgIAAA==
Cc: questions@freebsd.org
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Mar 2015 22:38:59 -0000

On Mar 16, 2015, at 2:30 PM, David Benfell <benfell@parts-unknown.org> =
wrote:
> I'm seeing these messages in my nightly security log output. Googling
> around, I find I should increase kern.ipc.somaxconn. I have. Now to
> 4096. This in turn seems to mean I need to increase apc.shm_size in
> /usr/local/etc/php.ini and I have, now, to 1024M.
[ ... ]
> But 1) I have no idea how to set them properly, and 2) I don't
> understand the relationship.
>=20
> What should I be doing?

They aren't directly related.  You generally need to increase =
apc.shm_size
suitable for however many PHP processes you're running-- generally via =
mod_php
in Apache or fastcgi for nginx and the like.

The listen queue overflow means that your system is failing to process
incoming requests fast enough to keep up.  The bottleneck could be
on a resource like CPU or memory, or serialization against a database
table, or something else.  (You'll want to identify the bottleneck.)

Having a bigger listen queue can be helpful if you see transient bursts
of high activity.  However, if the load is not a brief spike, then
you've only got 90 seconds or so with typical web clients before they
decide to time out and drop the connection.

Don't try growing the listen queue longer than that, because it won't =
help--
in fact, it's counterproductive to system resources on an already-busy =
system.
(Thus notions like "surge queue tuning", "surge protection", etc on
load-balancers commonly used for large sites.)

Regards,
--=20
-Chuck