The tcp_max_syn_backlog parameter is the queue size of open tcp connections awaiting an ACK packet to complete the 3-way handshake. The default number is 1000, but can be adjusted according to your needs. In the event of a synflood DOS attack, this queue can fill up pretty quickly, at which point tcp_syncookies will kick in allowing your system to continue to respond to legitimate traffic, and allowing you to gain access to block malicious IPs.

In most scenarios this parameter will not need to be adjusted, but is good to know about.