From patchwork Thu Aug 15 05:53:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 811 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director7.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id 8CCaDtKEVV0MTwAAIUCqbw for ; Thu, 15 Aug 2019 12:14:10 -0400 Received: from proxy6.mail.ord1d.rsapps.net ([172.30.191.6]) by director7.mail.ord1d.rsapps.net with LMTP id 0BdQDtKEVV2+XwAAovjBpQ ; Thu, 15 Aug 2019 12:14:10 -0400 Received: from smtp20.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy6.mail.ord1d.rsapps.net with LMTP id 4LA9DtKEVV29RAAAQyIf0w ; Thu, 15 Aug 2019 12:14:10 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp20.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=greenie.muc.de X-Suspicious-Flag: YES X-Classification-ID: b60cd158-bf77-11e9-b90c-525400b8bfda-1-1 Received: from [216.105.38.7] ([216.105.38.7:48636] helo=lists.sourceforge.net) by smtp20.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 31/64-20412-1D4855D5; Thu, 15 Aug 2019 12:14:09 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1hyINW-0001SA-VM; Thu, 15 Aug 2019 16:13:30 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1hyINV-0001S3-Vj for openvpn-devel@lists.sourceforge.net; Thu, 15 Aug 2019 16:13:29 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=8bOn5UWULw701+v94Ey4WMWsGZF3vFM0Zrv4glfSi4c=; b=jerGdRnCwuwwzgjun8Fu7qqnxA N7PS6Xh9zIUSy6J/py8Bmsup+nSp3ZKAc3HEZFONlPj2a5wmEqfQb2C4u9u0CLEmZ3vKbGYZsnxI0 8R/u3S+sDQYuyL2mpR606jUr93v3H1JumBozNBaC9I5RZlU/nTV4/DO2/JfxQxktAbYY=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=8bOn5UWULw701+v94Ey4WMWsGZF3vFM0Zrv4glfSi4c=; b=e XiU+CbGNlYWAxcXeQgoW7c6zwmUKVd/Rgqmmm7A/oKQPDey75ja0wefqoKJmF/xyKuD7Bfsv9gd2R g1r0i8N8GdRoKC+9q3PNDCGorO+2ueDvGiNz/9+rw/WU81qufxztAUhoApeQH0L12IC1WAtw6ftas CD3wCvszU34HIYmA=; Received: from dhcp-174.greenie.muc.de ([193.149.48.174] helo=blue.greenie.muc.de) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) id 1hyINR-007KLi-Ei for openvpn-devel@lists.sourceforge.net; Thu, 15 Aug 2019 16:13:29 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.14.9/8.14.9) with ESMTP id x7FFrLuj028294 for ; Thu, 15 Aug 2019 17:53:21 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.14.9/8.14.9/Submit) id x7FFrL5T028293 for openvpn-devel@lists.sourceforge.net; Thu, 15 Aug 2019 17:53:21 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Thu, 15 Aug 2019 17:53:19 +0200 Message-Id: <20190815155319.28249-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: muc.de] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1hyINR-007KLi-Ei Subject: [Openvpn-devel] [PATCH] Increase listen() backlog queue to 32 X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox For reasons historically unknown, OpenVPN sets the listen() backlog queue to "1", which signals the kernel "while there is one TCP connect waiting for OpenVPN to handle it, refuse all others" - which, on restarting a busy TCP server, will create connection issues. The exact "best" value of the backlog queue is subject of discussion, but for a server that is not extremely busy with many connections coming in in parallel, there is no real difference between "10" or "500", as long as it's "more than 1". Found and debugged by "mjo" in Trac. Trac: #1208 Signed-off-by: Gert Doering Acked-by: Antonio Quartulli Acked-By: David Sommerseth --- src/openvpn/socket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index c472cf1b..983ed38a 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -1175,7 +1175,7 @@ socket_do_listen(socket_descriptor_t sd, ASSERT(local); msg(M_INFO, "Listening for incoming TCP connection on %s", print_sockaddr(local->ai_addr, &gc)); - if (listen(sd, 1)) + if (listen(sd, 32)) { msg(M_ERR, "TCP: listen() failed"); }