[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SLAPD_LISTEN increase

netstat -sP tcp works to determine if your server is actively dropping connections due to backlog full conditions. Do the servers show numerous tcpListenDrops?

Quanah Gibson-Mount wrote:

--On Wednesday, May 04, 2005 11:35 PM -0700 Quanah Gibson-Mount <quanah@stanford.edu> wrote:

I will note that this advisory is from 1996, so I'm not sure how much the
SYN flood issue applies... Given the rather large targets painted on
Stanford's servers, if it were an issue I'm fairly certain we'd have seen
it before.

The ndd parameter listed has also changed names since the advisory was
written.  It is:



I personally tune my ndd settings already, although my tcp_conn_req_max_q
is only 1024. I'm somewhat curious about the adb line, and if that has
changed somewhat since then.

Reading Sun's current documentation notes that


should be less than


which is what replaces the adb line in modern Solaris.

See <http://docs.sun.com/app/docs/doc/817-1759/6mhfh76h3?a=view>

It looks like setting:

tcp_conn_req_max_q0 to 10240 may help resolve issues, along with increasing


Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin