diff options
author | Linus Nordberg <linus@nordu.net> | 2017-01-18 14:25:26 +0100 |
---|---|---|
committer | Linus Nordberg <linus@nordu.net> | 2017-01-18 14:25:26 +0100 |
commit | f3619bf65967255e1009fec42b28007b49e0f4e4 (patch) | |
tree | fb3b5abaa2ef1b37465f53bc88c29dbdb5320a26 | |
parent | 829c65af8e4eee61168f3499c8fb23d458dbf0d3 (diff) |
Use a listen(2) backlog of 128.
There's a chance that incoming (legitimate) connections arrive faster
than what it takes to spawn a new thread and get back to
listen(). Therefore we should ask the stack to queue at least one
entry, i.e. use a backlog value of at least 1. There's arguable also a
chance of more than two concurrent incoming connections, which would
make a case for a backlog value greater than one.
A reasonable high value seems to be 128, which also is what SOMAXCONN
is on many unix systems. In the choice between 1 and 128, an argument
against the higher value is that it may mask the potential problem of
spending a long time serving incoming connections.
Being reasonably confident that radsecproxy is efficient when it comes
to serving incoming connections, by handing them off to a newly
spawned thread, I think that 128 is a fine choice.
Closes RADSECPROXY-72.
-rw-r--r-- | tcp.c | 2 | ||||
-rw-r--r-- | tls.c | 2 |
2 files changed, 2 insertions, 2 deletions
@@ -349,7 +349,7 @@ void *tcplistener(void *arg) { struct sockaddr_storage from; socklen_t fromlen = sizeof(from); - listen(*sp, 0); + listen(*sp, 128); for (;;) { s = accept(*sp, (struct sockaddr *)&from, &fromlen); @@ -460,7 +460,7 @@ void *tlslistener(void *arg) { struct sockaddr_storage from; socklen_t fromlen = sizeof(from); - listen(*sp, 0); + listen(*sp, 128); for (;;) { s = accept(*sp, (struct sockaddr *)&from, &fromlen); |