In Linux world there are two queues for TCP connections - SYN and ACCEPT queue.
In nutshell this is how the TCP connections work in Linux:
In nutshell this is how the TCP connections work in Linux:
SYN QUEUE
There is SYN queue which stores all incoming syn connections (SYN RECV). Connections in SYN queue are then transmitted to peer to get SYN ACK Receive. Once SYN ACK comes back for connection, the a connection is fully established. Once connection is fully established, the connection is moved to ACCEPT Queue.
Below commands can be used to check the connections in SYN queue.
There is SYN queue which stores all incoming syn connections (SYN RECV). Connections in SYN queue are then transmitted to peer to get SYN ACK Receive. Once SYN ACK comes back for connection, the a connection is fully established. Once connection is fully established, the connection is moved to ACCEPT Queue.
Below commands can be used to check the connections in SYN queue.
ss -n state syn-recv | wc –l
If you want to check connections on specific port below command can be used.
ss -n state syn-recv sport = :80 | wc –l
Other commands that can be used to check SYN queue.
netstat -tuna | grep SYN_RECV
netstat -tuna | grep SYN_RECV
Each slot in SYN Queue uses some memory. Usually each socket entry in SYN queue takes 256 bytes of memory.
SYN queue backlog size can be set using net.ipv4.tcp_max_syn_backlog TCP flag.
ACCEPT QUEUE
ACCEPT QUEUE
ACCEPT queue contains the fully established TCP connections ready to be used by Application. When Application accepts the connections, connections are moved out of Accept queue.
Accept Queue size can be checked using below command.
$ ss -plnt sport = :6443|cat
To check accept queue size on specific port below command can be used.
$ ss -plnt sport = :6443|cat
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 1024 *:6443 *:*
The column Recv-Q shows the number of sockets in the Accept Queue, and Send-Q shows the backlog parameter.
Command to Check if TCP Accept Queue is Overflowing.
ss -n state syn-recv sport = :80 | wc -l
Accept Queue Size can be tuned using flag net.core.somaxconn
Both SYN queue and ACCEPT queue are in kernel space. Once the established connection from Accept queue is picked up by Application, the Connection moves out of Accept queue and kernel space and goes into userspace.
Products to which Article Applies
All Linux Operating Systems
Search Keywords: TCP Connection Connections TCPIP TCP/IP IP SYN ACCEPT Backlog network communication queue socket receive send transmit transmission packet listen listener tune tuning command commands
Article Author: Tarun Boyella
No comments:
Post a Comment