On 12/20/16 07:40, Dave Cottlehuber wrote: > <7>Dec 16 16:35:42 0 2016-12-16T16: 35:40.500908+00:00 beatrix kernel - > - [72288] sonewconn: pcb 0xfffff80d68996cb0: Listen queue overflow: 16 > already in queue awaiting acceptance (64492 occurrences)
This means that either (1) connnections are arriving faster than spiped can accept them, or (2) spiped stopped accepting connections for a while. The second possibility is far more likely, considering that... > 1. Am I using spiped incorrectly by having it handle many short-lived > connections? There are usually about 100, sometimes up round 200, > concurrent HTTP connections most of the time, spread across 6 main > "client" servers that all connect to the same tunnel endpoint. ... spiped has a default limit of 100 connections. You can increase this up to 500 via the -n option; if you need more than that, we'll need to fix the networking code to use poll instead of select (entirely doable; it just hasn't happened yet). > 2. Is it possible/wise to increase the accept queue length for spiped > somehow? I assume these are initial socket setup parameters, set here > https://github.com/Tarsnap/spiped/blob/master/libcperciva/util/sock.c#L329 > ? the backend DB is more than capable of handling the load, and accepts > tuning socket parameters directly. Yes, but you're almost certainly not hitting the queue limit while spiped is still accepting connections. > 3. During testing, i couldn't work out how spiped chooses which DNS > record to use when multiples are returned - specifically AAAA vs A > records. Is it possible to force spiped to use either IPv4 or IPv6 (like > a command-line option flag) instead of whatever comes back from hostname > lookup? spiped will use whatever the DNS resolver gives it. I believe you can set the resolver preference via the ip6addrctl_policy rc.conf variable. > 4. are there any other things I could do wrt FreeBSD that might help? Nothing comes to mind. Pretty sure this is an spiped issue, not a FreeBSD issue. -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid