As more clients move to mobile, web traffic changes somewhat and new challenges arise. One particular challenge is that mobile clients are not as fast as broadband ones, and they create all kinds of problems related to high round-trip latency.

One of these problems shows up as an occasional 3 second connection timeout to the web server. The timeout is caused by SYN packet loss, which happens because the web server's backlog queue fills up with connections that are sending SYN+ACK to slow mobile clients.

The first thing you may naturally try is to raise net.ipv4.tcp_max_syn_backlog to 2k, but surprisingly that does nothing. That is because this parameter controls the global backlog, while the backlog per port is limited by net.core.somaxconn. You can see the number of connections in the queue with this command: netstat -ant | grep -c SYN_REC. You can manually emulate SYN backlog congestion with hping3; don't forget to forge the source address, otherwise the server will get RSTs and the backlog won't fill up.

# /etc/sysctl.conf :
net.ipv4.tcp_max_syn_backlog = 2048
net.core.somaxconn = 1024
net.ipv4.tcp_syncookies = 1
(don't forget to reload sysctl with sysctl -f /etc/sysctl.conf)
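
The netstat count above is a single total for the whole host, while the limit that matters is per port. The following is an added example, not part of the original post: a shell function that takes netstat -ant output, counts SYN_RECV entries per local port and flags ports close to a limit such as net.core.somaxconn. The function names, the thresholds and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: per-port view of the half-open (SYN_RECV) queue.
# Function names, the 80% default and the sample data are assumptions.

# Reads `netstat -ant` output on stdin; prints "port count status".
# $1 = per-port limit (e.g. net.core.somaxconn), $2 = warn threshold in %.
syn_recv_by_port() {
    awk -v limit="$1" -v pct="${2:-80}" '
        $1 ~ /^tcp/ && $6 == "SYN_RECV" {
            # Column 4 is the local address; the port follows the last
            # colon, which covers 10.0.0.5:80 as well as :::443.
            n = split($4, parts, ":")
            count[parts[n]]++
        }
        END {
            for (port in count) {
                status = (count[port] * 100 >= limit * pct) ? "NEAR_LIMIT" : "ok"
                printf "%s %d %s\n", port, count[port], status
            }
        }' | sort -n
}

# Constructed netstat output (documentation address ranges), not a capture.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:80             198.51.100.7:41234      SYN_RECV
tcp        0      0 10.0.0.5:80             198.51.100.9:50211      SYN_RECV
tcp        0      0 10.0.0.5:80             203.0.113.20:38822      SYN_RECV
tcp        0      0 10.0.0.5:80             203.0.113.44:51900      ESTABLISHED
tcp6       0      0 :::443                  :::*                    LISTEN
tcp6       0      0 2001:db8::5:443         2001:db8::99:40100      SYN_RECV
EOF
}

# Demo with a limit of 4 and a 75% threshold.
sample_netstat | syn_recv_by_port 4 75
# On a live host:
#   netstat -ant | syn_recv_by_port "$(sysctl -n net.core.somaxconn)"
```

The kernel also caps each listening socket's queue at the backlog value the application passes to listen(), so use that value as the limit when it is lower than somaxconn.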