tcp/ip協議listen函數中backlog參數的含義與php-fpm的502 Bad Gateway

標籤：

To understand the backlog argument, we must realize that for a given listening socket, the kernel maintains two queues :
要明白backlog參數的含義，我們必須明白對於一個listening socket，kernel維護者兩個隊列：

1.An incomplete connection queue, which contains an entry for each SYN that has arrived from a client for which the server is awaiting completion of the TCP three-way handshake. These sockets are in the SYN_RCVD state .
1.一個未完成串連的隊列，此隊列維護著那些已收到了用戶端SYN分節資訊，等待完成三路握手的串連，socket的狀態是SYN_RCVD

2.A completed connection queue, which contains an entry for each client with whom the TCP three-way handshake has completed. These sockets are in the ESTABLISHED state 
2.一個已完成的串連的隊列，此隊列包含了那些已經完成三路握手的串連，socket的狀態是ESTABLISHED

The backlog argument to the listen function has historically specified the maximum value for the sum of both queues.
backlog參數曆史上被定義為上面兩個隊列的大小之和

Berkeley-derived implementations add a fudge factor to the backlog: It is multiplied by 1.5
Berkely實現中的backlog值為上面兩隊列之和再乘以1.5

When a SYN arrives from a client, TCP creates a new entry on the incomplete queue and then responds with the second segment of the three-way handshake: the server‘s SYN with an ACK of the client‘s SYN (Section 2.6). This entry will remain on the incomplete queue until the third segment of the three-way handshake arrives (the client‘s ACK of the server‘s SYN), or until the entry times out. (Berkeley-derived implementations have a timeout of 75 seconds for these incomplete entries.)
當用戶端的第一個SYN到達的時候，TCP會在未完成隊列中增加一個新的記錄然後回複給用戶端三路握手中的第二個分節(服務端的SYN和針對用戶端的ACK)，這條記錄會在未完成隊列中一直存在，直到三路握手中的最後一個分節到達，或者直到逾時(Berkeley時間將這個逾時定義為75秒)

If the queues are full when a client SYN arrives, TCP ignores the arriving SYN (pp. 930–931 of TCPv2); it does not send an RST. This is because the condition is considered temporary, and the client TCP will retransmit its SYN, hopefully finding room on the queue in the near future. If the server TCP immediately responded with an RST, the client‘s connect would return an error, forcing the application to handle this condition instead of letting TCP‘s normal retransmission take over. Also, the client could not differentiate between an RST in response to a SYN meaning "there is no server at this port" versus "there is a server at this port but its queues are full."
如果當用戶端SYN到達的時候隊列已滿，TCP將會忽略後續到達的SYN，但是不會給用戶端發送RST資訊，因為此時允許用戶端重傳SYN分節，如果返回錯誤資訊，那麼用戶端將無法分清到底是服務端對應連接埠上沒有相應應用程式還是服務端對應連接埠上隊列已滿這兩種情況

 

通過下面方式可以修改系統的 somaxconn

vim /etc/sysctl.conf

net.core.somaxconn = 2048

sysctl -p

 

在 php-fpm 中，有一個選項是關於這個方面的

listen.backlog = -1

這個數值，最好不要設定為 -1 ，-1 的時候沒不能採用系統的設定數置，導致出現 502 出現

2015/02/11 12:37:22 [error] 25725#0: *1015645 connect() to unix:/tmp/php-cgi.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 222.240.64.190, 

 

解決方案就是手動設定這個數值

listen.backlog = 1024

 

tcp/ip協議listen函數中backlog參數的含義與php-fpm的502 Bad Gateway