sonewconn: pcb Listen queue overflow
-
Hi,
we see following error messages in the systems log
sonewconn: pcb 0xfffff8014de53498: Listen queue overflow: 193 already in queue awaiting acceptance (107 occurrences)and tried to identify the process following https://blog.tyk.nu/blog/fun-with-freebsd-listen-queue-overflow/ but
netstat -Aan | grep 8014de53498gives no result. Is there another way to trace the error?
cheers,
mike
-
Usually that is the result of some package, are you running any packages?
You might try have to try that very shortly after seeing the error. You could also try using the
-Lswitch to see which queues are largest before you actually hit the limit.Steve
-
Yes we run
haproxy
openvpn
pfBlockerNG 2.1.1_8
zabbix-agentWe see connection drops for webservices behind haproxy and while investigating we found these log entries. From my understanding i don't find the pcb id because the process does not exist anymore so it can not be haproxy as it has a long uptime, right?
I found some issues regarding pfBlockerNG and as it seems to restart it might is the cause
Furthermore i try to find out what kind of limit we hit. Sockets? Networkcard? and can pgBlocker be the reason for connection drops of haproxy services?
Cheers,
Mike
-
It's probably connections coming in faster than HAProxy can service them. Once the queue values is exhausted it starts throwing that error.
You can increase that value quite substantially without a problem but it may just delay the problem.
Set a system tunable
kern.ipc.soacceptqueueto something larger that the default 128. Try 512.See if that eliminates the error or simply delays it's appearance.
Steve
-
This post is deleted!
