
Tuning Apache ListenBackLog

What is ListenBackLog?

ListenBackLog sets the maximum length of the queue of pending connections. Generally no tuning is needed or desired; however, on some systems it is desirable to increase this when under a TCP SYN flood attack. See the backlog parameter to the listen(2) system call.

This will often be limited to a smaller number by the operating system. This varies from OS to OS. Also note that many OSes do not use exactly what is specified as the backlog, but use a number based on (but normally larger than) what is set.

By default, Apache sets its listen backlog to 511 based on the ListenBacklog directive. However, the Linux kernel has a completely different idea in mind: if the value of a socket’s listen backlog exceeds that of net.core.somaxconn sysctl value (defaults to 128 on stock builds), the kernel quietly shrinks the socket’s listen backlog to net.core.somaxconn. Thank you, Linus Torvalds.

In apache2.conf (the file name depends on your Linux distribution):

ListenBackLog 1024

Do not forget about net.core.somaxconn. Increase this value to at least 4096.
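The following check is an added example, not part of the original post or of Apache itself: it compares the ListenBackLog value in a config file with net.core.somaxconn and reports the backlog the kernel will actually grant. The function names, the temporary file paths and the sample values are assumptions made for the illustration, and it reads only the one file it is given (it does not follow Include directives).

```shell
#!/bin/sh
# Added example: detect a ListenBackLog that the Linux kernel silently truncates.

# Print the last ListenBackLog value in an Apache config file, or 511
# (the Apache default stated above) when the directive is absent.
# Directive names are case-insensitive; commented-out lines do not match.
configured_backlog() {
    awk 'tolower($1) == "listenbacklog" { v = $2 }
         END { print (v == "" ? 511 : v) }' "$1"
}

# The kernel caps the backlog passed to listen(2) at net.core.somaxconn.
# $1 = requested backlog, $2 = somaxconn
effective_backlog() {
    if [ "$1" -gt "$2" ]; then echo "$2"; else echo "$1"; fi
}

# $1 = Apache config path
# $2 = file holding somaxconn (defaults to the live kernel value)
# Returns 0 when Apache gets what it asked for, 1 when the kernel shrinks it.
audit_backlog() {
    ab_requested=$(configured_backlog "$1")
    ab_somaxconn=$(cat "${2:-/proc/sys/net/core/somaxconn}")
    ab_effective=$(effective_backlog "$ab_requested" "$ab_somaxconn")
    echo "requested=$ab_requested somaxconn=$ab_somaxconn effective=$ab_effective"
    [ "$ab_effective" -eq "$ab_requested" ]
}

# Constructed sample input (not from a real host): the config asks for 1024
# while the kernel limit is still 128.
demo_dir=$(mktemp -d)
printf 'Listen 80\n#ListenBackLog 511\nListenBackLog 1024\n' > "$demo_dir/apache2.conf"
echo 128 > "$demo_dir/somaxconn"
audit_backlog "$demo_dir/apache2.conf" "$demo_dir/somaxconn" ||
    echo "WARNING: backlog truncated by the kernel; raise net.core.somaxconn"
rm -rf "$demo_dir"
```

On a real host, call audit_backlog with the path to your Apache config and no second argument so that it reads the live sysctl value. For a running server, the Send-Q column of `ss -ltn` shows the backlog each listening socket actually received.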

References:
How TCP backlog works in Linux
ListenBackLog Directive
