[erlang-questions] listen() backlog limited to 16 bits?

Oscar Hellström <>
Wed May 6 13:04:57 CEST 2009

Matthias Lang wrote:
> Matthias>> ...I can only think of contrived situations
> Matthias>> where there'd be a difference between millions and thousands.
>> My experiments with this is that there is a very close relation between  
>> the backlog and how many connections / second you can handle. When we  
>> tested it though we had very bursty clients, essentially a C program  
>> that would loop out X connections and *then* start to use them. 
> Interesting, though I'd argue that's a contrived situation. Only time
> I'd expect to see behaviour like that is in a DOS attack.

Unless you have a bursty network? Well, getting connection attempts at 
the speed of a tight C loop might not be very realistic, but I still 
think that a too small backlog can become a problem.

> Matthias>>     contorpis:/proc/sys/net/core# echo "2147483648" > somaxconn     
> Matthias>> contorpis:/proc/sys/net/core# cat somaxconn     -18446744071562067968
> Matthias>>
> Matthias>>    I also tried a C program with various backlog arguments.  It feels
> Matthias>>    like something strange is going on, e.g. with a call to listen(s,
> Matthias>>    1) and then sleep() forever, I can still connect several sockets,
> Matthias>>    though it takes about a second per connection after the first
> Matthias>>    few. I wasn't sufficiently interested to figure out why, but if
> Matthias>>    someone knows, it'd be interesting to hear.
>> I'm guessing that since your backlog is negative, you can't  
>> accept connections, but by using syn cookies, the client believes that  
>> the connection has been accepted.
> That was sloppily written up by me. I think the kernel somaxconn value
> was 128 when I tried a C program with backlogs of 5 and 50. The "let's
> try crazy values for somaxconn" test came later, I think, but I can see
> why you'd think the two were related from the way I wrote above. Sorry.
> It's also possible that I accidentally had the crazy somaxconn value
> there while doing more tests.

Right, I understand it different when I really read it. You had a 
backlog of 1 and slept forever. I don't know if Linux would use syn 
cookies before filling the backlog. Maybe I should have looked more at 
how the backlog and the syn cookies interact before I replied :)

> Your syncookie explanation (cut) is interesting. I'll keep it in mind next
> time I see something like this.
> Matthias

Oscar Hellström, 
Phone:  +44 (0)798 45 44 773
Mobile: +44 (0)207 65 50 337
Web:    http://www.erlang-consulting.com

More information about the erlang-questions mailing list