惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
V2EX - 技术
D
DataBreaches.Net
阮一峰的网络日志
阮一峰的网络日志
Recent Announcements
Recent Announcements
V
V2EX
Hugging Face - Blog
Hugging Face - Blog
T
The Exploit Database - CXSecurity.com
Simon Willison's Weblog
Simon Willison's Weblog
Cisco Talos Blog
Cisco Talos Blog
Microsoft Security Blog
Microsoft Security Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
K
Kaspersky official blog
F
Fortinet All Blogs
GbyAI
GbyAI
Forbes - Security
Forbes - Security
The Cloudflare Blog
博客园 - 司徒正美
博客园_首页
量子位
Schneier on Security
Schneier on Security
G
GRAHAM CLULEY
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
P
Proofpoint News Feed
N
News | PayPal Newsroom
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 聂微东
T
Tor Project blog
V
Vulnerabilities – Threatpost
Y
Y Combinator Blog
Jina AI
Jina AI
Help Net Security
Help Net Security
T
Threat Research - Cisco Blogs
Recent Commits to openclaw:main
Recent Commits to openclaw:main
C
Cybersecurity and Infrastructure Security Agency CISA
Project Zero
Project Zero
N
News and Events Feed by Topic
I
Intezer
B
Blog
美团技术团队
C
CERT Recently Published Vulnerability Notes
NISL@THU
NISL@THU
L
LINUX DO - 最新话题
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Blog — PlanetScale
Blog — PlanetScale
AWS News Blog
AWS News Blog
T
Tailwind CSS Blog
The Last Watchdog
The Last Watchdog
雷峰网
雷峰网
有赞技术团队
有赞技术团队

The Practical Developer

The Libuv Thread Pool Trap: Why Node.js Async APIs Stall Under Load Postgres Covering Indexes with INCLUDE: Eliminate Heap Fetches on Read-Heavy Workloads Postgres DISTINCT ON: The Fastest Way to Get the Latest Row Per Group Postgres Transaction Isolation: The Anomalies Your App Actually Faces in Production Postgres HOT Updates and Fillfactor: Why Not All Writes Are Created Equal Database Connection Pool Leaks: Finding the Promise That Never Returns Its Seat Linux OOM Killer in Production: Why Your Node.js Containers Die Without a Stack Trace Postgres Materialized Views: Refresh Strategies That Do Not Lock Your Dashboards API Dependency Health Checks: Why /health Is Not Enough Authorization with Zanzibar Tuples: How Google Manages Permissions and How To Build the Same Check in Node.js Postgres Advisory Locks: The 20-Character Primitive That Replaces Redis for Coordination Dead Letter Queues: The Message Queue Pattern That Saves You at 2 a.m. File Descriptor Exhaustion: The Kernel Limit That Silently Drops Node.js Connections Graceful Degradation: The Pattern That Turns Total Outages into Partial Success PostgreSQL Full-Text Search: Dropping Elasticsearch for 90% of Use Cases S3 Presigned Multipart Uploads: Stop Your API Server from Being a File Upload Bottleneck MessagePack vs JSON: The Binary Serialization Switch That Cut Our Internal RPC Overhead by 40% DNS Caching in Node.js: The Silent Cause of Production Latency Spikes Reliable Cron Jobs: The Pattern That Stops Double Runs, Missed Executions, And The 2 AM Page GraphQL Query Complexity: Stop the OOM Query Before It Reaches Your Resolver Node.js Event Loop Lag: The Hidden Metric Behind Random Latency Spikes API Request Validation with Zod: The Schema That Catches Bad Input Before It Corrupts Your Database Load Shedding in Node.js: How to Reject Traffic Before You Drown Request Hedging: Cut Tail Latency In Half Without Overprovisioning Git Bisect: The Automated Binary Search That Finds Breaking Commits in Minutes Node.js Garbage Collection Tuning: Stop Letting V8 Pause Your Event Loop Node.js Server Timeouts: The Settings That Stop Slow Clients from Holding Sockets Hostage Postgres BRIN Indexes: The Time-Series Secret That Shrinks Indexes by 99% Event Sourcing with PostgreSQL: The Pragmatic 80% Solution Node.js Cluster Mode: Scaling the Event Loop Across CPU Cores Postgres Partial Indexes: Stopping Soft Deletes from Ruining Your Query Performance Request Coalescing with the Singleflight Pattern: Stop Drowning Your Database on Every Cache Miss The Bulkhead Pattern: Why One Slow Endpoint Should Not Drown Your Whole Service Node.js AsyncLocalStorage: End-to-End Request Context Without the Propagation Hell Postgres Deadlocks: Logging the Victim, Reproducing the Race, and Fixing the Lock Order Your Node.js HTTP Client Is the Bottleneck: Connection Pool Tuning That Works Optimistic Locking in Postgres: Stop Losing Data to Race Conditions Postgres Read Replicas: Stop Serving Stale Data to Your Users Cursor Pagination: Why Offset Queries Explode at Scale and How to Fix Them Node.js Worker Threads: 60 Lines That Stop a CSV Upload from Timing Out Every Other Request Reliable Webhook Delivery: Architecture for Outbound HTTP You Can Trust Request Timeouts and Deadline Propagation: Stop the Chain of Slowness Advanced Security Practices in Node.js Graceful Shutdown in Node.js: The 40 Lines That Stop 502s During Deploys Finding Node.js Memory Leaks with Heap Snapshots Idempotency Keys in 30 Lines: Stop Your Webhook From Charging Customers Twice Backpressure In Node.js: The Fix For Slow-Motion Queue Meltdowns Retries Done Right: Jitter, Budgets, and the Stampede You Did Not See Coming The Cache Stampede: Why Your "Just Add Redis" Layer Crashes Postgres at 3 a.m. Postgres SKIP LOCKED: An 80-Line Job Queue You Can Run Without Redis Stop Doing Work Nobody Wants: AbortController in Node.js, Done Right The N+1 Query Problem: We Found 23 In One Codebase And Killed Every One I Tried 5 AI Coding Tools for a Month. Here Is What I Actually Use CI/CD From Zero to Production in 30 Minutes With GitHub Actions Node.js vs Bun vs Deno: Which Runtime Should You Pick in 2025? Kubernetes Resource Requests And Limits: The Numbers That Decide If Your Cluster Is Stable The Three Pillars of Observability Are A Myth: What Actually Matters In Production pnpm Vs npm Vs yarn Vs Bun For Monorepos: Which One Earns The Migration In 2024 JSONB Indexing In Postgres: GIN Vs Expression Indexes, And When Each Is The Right Choice A Code Review Checklist That Ends The Same Three Arguments Every Sprint gRPC Vs REST In 2024: When The Switch Pays For Itself React Suspense For Data Fetching: The Pattern That Replaces Half Your Loading State Code The Five-Stage Rollout: How To Ship A Risky Change Without Holding Your Breath GitHub Actions In A Monorepo: Caching, Path Filters, And Secret Boundaries That Actually Work The Blameless Postmortem That Actually Improves Things: A Template And Six Hard-Won Rules Recursive CTEs In Postgres: How To Query A Tree Without N Round Trips Node.js Streams: When They Actually Help, And When They Just Add Complexity Playwright Vs Cypress In 2024: The Honest Comparison Of Which One Earns The Test Time React Server Components: The Mental Model That Makes The "use client" Boundary Obvious Pod Disruption Budgets: The K8s Object That Keeps Your Service Up During Cluster Maintenance Postgres LISTEN/NOTIFY: The Pub/Sub You Already Have And Are Not Using Chaos Engineering Starter Kit: The Five Drills That Don't Need Netflix-Scale Spec-Driven API Development With OpenAPI: How To Stop Drifting From Your Docs Saga Pattern vs Two-Phase Commit: Distributed Transactions Without The Lies Kubernetes Autoscaling Beyond CPU: The Custom-Metric HPA Pattern That Actually Works Postgres Partitioning For Time-Series: The Boring Setup That Saves Your Database Distributed Locks With Redis: An Honest Look At Redlock And When You Don't Need It HTTP/2 vs HTTP/3: What Actually Changes For Your App, And What Doesn't Image Optimization For The Web In 2023: srcset, AVIF, And The Lighthouse Score You Actually Want Kafka vs RabbitMQ: A Decision Tree That Doesn't Hate You UUID vs Bigint Primary Keys In Postgres: The Index Math That Decides For You Flame Graphs: How To Find The Slow Function In 30 Seconds Without Profiling Theatre Postgres Streaming Vs. Logical Replication: Which One Solves Your Actual Problem ESLint Rules That Earn Their Keep: The Twelve I Enable On Every Project Pre-Commit Hooks That Pay For Themselves: Husky, lint-staged, And The Five Rules That Stick Zero-Downtime Database Migrations: The Six-Step Pattern That Rules Them All Circuit Breakers In Node.js: 50 Lines That Stop A Failing Dependency From Taking Down Your Service Postgres VACUUM Is Not Magic: How Your Hot Table Bloats To 80GB And How To Fix It Kubernetes Liveness And Readiness Probes: The Difference That Causes Half Your Outages Rate Limiting In Production: A Token Bucket In 30 Lines Of Redis The Outbox Pattern: How To Stop Losing Events When Postgres And Kafka Disagree Load Testing With k6: The Three Scenarios That Find Real Bugs (Not Synthetic Numbers) Postgres Row-Level Security For Multi-Tenant Apps: The Pattern That Stops You From Leaking Data Rebase vs. Merge: The Team Policy That Ends The Argument Forever OpenTelemetry in Node.js: Distributed Tracing That Actually Helps During an Incident Feature Flags That Pay Rent: The 4 Flag Types And When To Delete Each ETag, Last-Modified, and the Caching Headers Most APIs Get Wrong Connection Pooling Without the Cargo Cult: pgbouncer in 100 Lines of Config JSONB Is Not a Schema: When To Reach For It in Postgres, And When To Stop Bash Strict Mode: The Three Lines That Stop Your Deploy Script From Lying To You
Linux TCP Tuning for Node.js Microservices: The Kernel Settings That Stop Silent Connection Drops Under Load
The Practica · 2026-05-26 · via The Practical Developer

Your load test hits 2000 requests per second and the Node.js server is barely cracking 30% CPU. The event loop looks fine. GC is quiet. No uncaught exceptions. But the load generator reports 3% connection timeouts, and a few of your downstream callers have started opening tickets about intermittent “socket hang up” errors.

You check application logs. Nothing. Metrics dashboards. Green. It feels like a ghost, until someone runs ss -s on the host and sees forty thousand sockets in TIME_WAIT. Or dmesg shows TCP: request_sock_TCP: Possible SYN flooding on port 3000. The kernel is fighting your traffic and it is winning.

This is the class of failure that application-level profiling cannot see. The Linux kernel ships with TCP defaults designed for a desktop from 2005, not a container running Node.js behind a load balancer in 2026. This post covers the four sysctl families that matter, how to read the failure signals, and the exact Node.js server tweak most teams miss.

The invisible bottleneck: connection establishment

When a client opens a TCP connection to your Node.js server, three things happen in the kernel before server.on('connection', ...) ever fires.

  1. The client sends a SYN.
  2. The kernel allocates space in the SYN backlog, replies with SYN-ACK, and waits for the final ACK.
  3. Once the handshake completes, the socket moves to the accept queue. Node.js calls accept() during its next event-loop tick and emits the connection event.

If the SYN backlog or the accept queue fills up, the kernel drops incoming SYN packets or sends SYN cookies. The client times out and retries. Your application never sees the connection, so it cannot log the drop. This looks like a network blip, but it is a capacity limit.

The default net.core.somaxconn on most Linux distributions is 128 or 4096. That sounds like enough until your containers restart under a load balancer with fifty warm connections each, or a redeploy causes a connection storm.

Fix 1: SYN and accept queues

The tunables that control inbound connection capacity are:

net.core.somaxconn = 65535
net.ipv4.tcp_max_syn_backlog = 65535

net.core.somaxconn sets the maximum length of the accept queue for all listening sockets. tcp_max_syn_backlog sets the SYN queue depth for IPv4. You want both large enough that bursts land in memory, not on the floor.

But changing the kernel is only half the battle. Node.js creates its Server with a default backlog of 511, and that value is silently capped by whatever somaxconn is at process start time. If you raise the kernel limit but never touch the Node.js listen call, you left capacity on the table.

import { createServer } from 'node:http';

const server = createServer((req, res) => {
  res.end('ok');
});

// backlog = somaxconn, usually 65535 after tuning
server.listen(3000, '0.0.0.0', 65535, () => {
  console.log('listening with backlog 65535');
});

The third argument to listen is the backlog. If you omit it, Node.js uses 511, which is fine for development and tragic for a surprise traffic spike. Set it explicitly to match your sysctl value.

Check current queue depths in real time with:

ss -lnt | grep 3000

If the Send-Q column (accept queue capacity) is stuck at 511 even after tuning, your Node.js process was started before the sysctl change, or the listen backlog is still hardcoded low. Restart the process after sysctl takes effect.

Fix 2: ephemeral port exhaustion on the client side

Your Node.js service is not only a server. It is also a client calling databases, other microservices, and third-party APIs. Every outbound TCP connection consumes an ephemeral port from the range 32768-60999 by default. That is about 28,000 ports.

Under high concurrency, especially with short-lived requests, ports get stuck in TIME_WAIT for two minutes (the default tcp_fin_timeout). Once the local port pool is exhausted, new outbound connections fail with EADDRNOTAVAIL. Your code throws a connection error that looks like the downstream service is broken, but it is your own kernel.

The fix is a combination of range expansion and controlled reuse:

net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_tw_reuse = 1

ip_local_port_range opens the full ephemeral range. tcp_tw_reuse allows the kernel to reuse TIME_WAIT sockets for new outgoing connections when it is safe (the protocol side using a new timestamp). It does not break TCP semantics, and it is the standard production setting for high-connection clients.

Note: leave tcp_tw_recycle alone. It was removed in Linux 4.12 because it breaks NAT environments. Do not copy decade-old blog posts that recommend it.

Keep an eye on port usage:

ss -tan | awk '{print $4}' | cut -d: -f2 | sort | uniq -c | sort -rn | head

If the same local port shows up hundreds of times in TIME_WAIT, you need reuse or a connection pool. Speaking of which, pooling is still the best fix. Reusing a single connection for fifty requests avoids fifty ports entirely. But if you cannot pool (stateless third-party APIs, per-request auth), tuning is your lifeline.

Fix 3: memory buffers for throughput

Node.js streams are fast only if the kernel has room to absorb bursts. If net.core.rmem_max and wmem_max are low, the kernel advertises a small TCP window and high-bandwidth links become underutilized. In container environments with virtual NICs, this is especially punishing because the veth bridge adds overhead.

net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.core.netdev_max_backlog = 65535

tcp_rmem and tcp_wmem are three-value tuples: minimum, default, and maximum buffer sizes. The kernel scales each socket’s buffer between min and max based on observed latency and throughput. A 16 MiB ceiling supports high-BDP (bandwidth-delay product) paths without wasting memory on every idle connection.

netdev_max_backlog matters for bursty traffic at the interface level. If packets arrive faster than the kernel can hand them to userspace, they drop at the NIC ring buffer. This shows up as rx_missed_errors in ethtool -S eth0 or as stealth packet loss that TCP retransmits around, adding latency.

For containerized Node.js, remember that rmem_max and wmem_max apply at the host level, not inside the container namespace. You must set them on the worker node, not in the Pod spec. If you run on managed Kubernetes, you may not have host access, in which case tuning moves to your node image or your platform team’s daemonset.

Fix 4: socket cleanup when connections go idle

Under heavy churn, connections leak into half-open states when a peer reboots, a NAT gateway times out, or a container drifts away during a rolling update. By default, Linux sends keepalive probes after two hours. Two hours of dead sockets sitting in your connection pool is two hours of requests queuing behind a phantom resource.

net.ipv4.tcp_keepalive_time = 60
net.ipv4.tcp_keepalive_intvl = 10
net.ipv4.tcp_keepalive_probes = 6

This starts probing after 60 seconds of idleness, every 10 seconds, for up to 6 tries. A dead peer is detected inside two minutes instead of two hours. Your Node.js connection pool can evict the bad socket and establish a healthy replacement before the next request arrives.

This stacks cleanly with the keepalive content in the dedicated TCP keepalive post already on the blog, but you need both the Node.js keepAlive: true on your agent and the kernel tuning on the host. Without the kernel side, your agent sends probes into a black hole forever.

Detection: how to know which limit you hit

Most of these failures look like “the network is flaky.” Here is a quick diagnostic map.

SymptomLikely LimitOne-liner Check
Connection timeouts at high load, no app CPU spikesomaxconn / listen backlogss -lnt check Send-Q vs Recv-Q
dmesg shows SYN floodingtcp_max_syn_backlogdmesg | grep SYN
Outbound errors: EADDRNOTAVAILEphemeral port exhaustionss -tan | grep TIME_WAIT | wc -l vs ip_local_port_range range
Throughput capped under 1 Gbps on fast linksSmall TCP bufferscat /proc/sys/net/core/rmem_max
Sporadic latency spikes under burst loadnetdev_max_backlog dropsethtool -S eth0 | grep rx_missed_errors or ifconfig RX errors
Idle connections dead for minutes after restartKeepalive defaults too slowcat /proc/sys/net/ipv4/tcp_keepalive_time

In the worst case, run sar -n TCP,ETCP 1 on the host. It prints passive opens, active opens, retransmits, and failed connection attempts per second. Retransmits climbing while failed opens also climb is the fingerprint of a dropped queue.

The full sysctl config

Here is a drop-in file you can ship with Ansible, Terraform cloud-init, or a Kubernetes node-problem-detector DaemonSet. It is conservative enough for general web workloads and avoids the unsafe settings (no tcp_tw_recycle, no tcp_window_scaling tweaks that break middleboxes).

# /etc/sysctl.d/99-nodejs-microservices.conf

# Inbound connection capacity
net.core.somaxconn = 65535
net.ipv4.tcp_max_syn_backlog = 65535

# Outbound connection capacity
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 30

# Buffer sizes for throughput
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.core.netdev_max_backlog = 65535

# Keepalive to detect dead peers faster
net.ipv4.tcp_keepalive_time = 60
net.ipv4.tcp_keepalive_intvl = 10
net.ipv4.tcp_keepalive_probes = 6

# Memory safety for TCP stack (pages, not bytes)
net.ipv4.tcp_mem = 786432 1048576 26777216

Apply with:

sudo sysctl --system

tcp_mem is the most dangerous line in that file. It controls the total memory the kernel can use for TCP across all sockets. The three numbers are low, pressure, and high watermarks in memory pages (4 KiB on x86_64). If usage crosses the high watermark, the kernel aggressively drops packets. If you set this too low on a connection-heavy box, you create the very drops you are trying to avoid. Start with the values above and adjust based on slabtop and free under real load.

What stays the same, even after tuning

Kernel tuning is a multiplier, not a replacement. If your Node.js event loop is blocked for 200 ms on a synchronous JSON.parse, no amount of somaxconn will save you. The backlog fills because you are not calling accept() fast enough, not because 65535 is too small.

Similarly, if your application leaks connections (opening a new database client on every request and never closing it), ephemeral port exhaustion will still find you eventually. Tuning expands the runway. Fixing the leak stops the crash.

Use tuning to buy headroom, then profile your actual event-loop lag and connection lifetimes to see whether you need architectural changes. The order matters: tune first, then scale horizontally, then rewrite. Most teams rewrite too early when the kernel was the real bottleneck.

Container-specific gotchas

In Docker or Kubernetes, sysctl settings fall into three categories.

  1. Safe in any container. net.ipv4.tcp_tw_reuse and net.ipv4.tcp_rmem can usually be set inside a container because they exist in the network namespace.

  2. Host-level only. net.core.somaxconn, rmem_max, wmem_max, and netdev_max_backlog are not namespaced in all kernels. Setting them inside a container silently does nothing or fails with permission denied. They must be set on the host.

  3. Requires privileged or init container. If you need container-level tuning, run a privileged init container that writes the host sysctl via a shared /proc mount, or set the sysctls at node provisioning time through your AMI or cloud-init.

For Kubernetes, the cleanest approach is a node-provisioning step in your infrastructure-as-code, not a runtime sidecar. Sysctl changes require root and often trigger node reboot policies depending on your distribution. Better to bake them into the node image so pods start on a pre-warmed host.

Practical takeaway

Your Node.js server can handle far more connection-oriented traffic than the Linux defaults allow. Queue drops, ephemeral port exhaustion, and buffer starvation all masquerade as application bugs because they happen below the event loop and do not throw loggable exceptions.

Checklist before your next load test:

  • net.core.somaxconn and tcp_max_syn_backlog are 65535 or higher.
  • The Node.js listen() call passes the same backlog value.
  • ip_local_port_range covers at least 1024-65535 and tcp_tw_reuse is enabled.
  • rmem_max and wmem_max are at least 16 MiB for services that stream data.
  • Keepalive probes start within 60 seconds.
  • You have validated the host-level settings apply on your container nodes.

Set these once in your base image or infrastructure automation. They cost nothing in steady state and they remove an entire class of silent production failures that show up only when traffic gets interesting.

A note from Yojji

Production Node.js systems that ship reliably are not just well-coded. They are tuned end-to-end: application logic, runtime settings, container limits, and kernel parameters. Yojji’s backend teams regularly pair application profiling with host-level TCP analysis when they build high-throughput microservices for clients across Europe, the US, and the UK. If you are scaling a real-time API or a data-heavy platform, the discipline of proving capacity at every layer of the stack (not just the framework) is what separates robust infrastructure from hope.

Yojji is an international custom software development company founded in 2016, specializing in the JavaScript ecosystem (React, Node.js, TypeScript), cloud platforms (AWS, Azure, Google Cloud), and scalable distributed systems architecture.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。