On 15/08/2019 17:53, Gert Doering wrote:
> For reasons historically unknown, OpenVPN sets the listen() backlog
> queue to "1", which signals the kernel "while there is one TCP connect
> waiting for OpenVPN to handle it, refuse all others" - which, on
> restarting a busy TCP server, will create connection issues.
> The exact "best" value of the backlog queue is subject of discussion,
> but for a server that is not extremely busy with many connections
> coming in in parallel, there is no real difference between "10" or "500",
> as long as it's "more than 1".
> Found and debugged by "mjo" in Trac.
> Trac: #1208
> Signed-off-by: Gert Doering <g...@greenie.muc.de>

Acked-By: David Sommerseth <dav...@openvpn.net>

I agree with Antonio, and we should make it somewhat easier to modify.  I'm
not sure if there's value in having it as a runtime option, like
--socket-backlog (or something like that), or as a value you can pass to
./configure at compile time.

kind regards,

David Sommerseth
OpenVPN Inc
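
The backlog effect described in the quoted commit message can be measured on loopback. The C program below is an added example, not code from the OpenVPN patch or from either poster; `completed_connects`, `CLIENTS` and the 300 ms wait are assumptions chosen for illustration.

```c
#include <fcntl.h>
#include <netinet/in.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define CLIENTS 8 /* constructed load: 8 clients connecting at once */
/* Listen on loopback with `backlog`, never accept(), start CLIENTS non-blocking
 * connects and return how many finished the handshake after wait_ms (-1: setup failed). */
int completed_connects(int backlog, int wait_ms)
{
    struct sockaddr_in addr;
    socklen_t alen = sizeof(addr);
    struct pollfd pfd[CLIENTS];
    int i, done = 0, srv = socket(AF_INET, SOCK_STREAM, 0);
    memset(&addr, 0, sizeof(addr));
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); /* sin_port 0: kernel picks */
    if (srv < 0 || bind(srv, (struct sockaddr *)&addr, sizeof(addr)) < 0 ||
        listen(srv, backlog) < 0 || getsockname(srv, (struct sockaddr *)&addr, &alen) < 0) {
        close(srv); /* close(-1) simply fails */
        return -1;
    }
    for (i = 0; i < CLIENTS; i++) {
        pfd[i].fd = socket(AF_INET, SOCK_STREAM, 0);
        pfd[i].events = POLLOUT;
        fcntl(pfd[i].fd, F_SETFL, O_NONBLOCK);
        connect(pfd[i].fd, (struct sockaddr *)&addr, sizeof(addr));
    }
    poll(NULL, 0, wait_ms); /* let the handshakes settle */
    poll(pfd, CLIENTS, 0);  /* then sample which client sockets are writable */
    for (i = 0; i < CLIENTS; i++) {
        int err = 1;
        socklen_t elen = sizeof(err);
        if ((pfd[i].revents & POLLOUT) &&
            getsockopt(pfd[i].fd, SOL_SOCKET, SO_ERROR, &err, &elen) == 0 && err == 0)
            done++;
        close(pfd[i].fd);
    }
    close(srv);
    return done;
}

int main(void)
{
    printf("backlog 1: %d of %d, backlog 16: %d of %d\n",
           completed_connects(1, 300), CLIENTS, completed_connects(16, 300), CLIENTS);
}
```

How a full queue is signalled to clients is kernel dependent; on Linux the excess connects typically stay pending until a retransmit rather than being refused, so the backlog 1 count varies by system.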


Openvpn-devel mailing list
