File descriptor limit - solution!

    First up, i'd like to thank Henrik Nordstrom for replying so promptly
to the questions I have had with such good advice.
    As per the FAQ I initially tried to just increase the appropriate
limits.h file and boost the file-max parameter in the /proc directory. I
was running kernel 2.0.36
    Regardless of what I did to the kernel , Squid refused to compile with
more then 256 file descriptors available.
    Upon Mr Henrik's suggestion I upgraded the kernel to 2.2.4. I am
running RedHat so I upgraded to 5.2 from 5.1 and then applied the kernel
2.2 updates. (It worked first go, whilst running, on our in-use production
server) rebuilt the kernel , added a line to rc.local boosting file-max to
4096 and restarted.
    After 5 minutes while I plugged in yet another 128Mb ram
SDRAM as part of the upgrade, it restarted perfectly first go.
The kernel came up perfectly with 4096 file descriptors available and
no complaints.
    It is interesting to note that the ipfwadm-wrapper script does not
work as a direct drop in replacement. I just replaced ipfwadm with
ipfwadm-wrapper but it redirected me to port 80 instead of port 8080 which
is where the proxy lives. If you need it, this is the format for a redirect
for a whole subnet:

ipchains -A input -j REDIRECT 8080 -s 203.57.24.0/24 -d 0.0.0.0/0 80 -p tcp

    The ipfwadm / ipchains arguments comparison table at the back of the
ipcahins HOWTO.txt is excellent. It lives in /usr/doc/ipchains<version>/
on a Redhat system.
    Next, after the old squid was working again, I jumped into the source
I had of squid-2.1.RELEASE , did a "make clean" , did "rm config.cache"
and hit ./configure --a_few_options
    First go it detected 4096 file descriptors and we were away. After
installing the new binary it was off.
    I havnt had any trouble yet running out of file descriptors.
    I must be just at the point where you would start to run out. We have
14Gb of cache available (scoring about 30% byte hit rate) and it only
started to run out as the disks approached full. We get about 2.2Gb of
traffic per day.
    I am more then happy with the new kernel series as it provides me with
a lot more network and routing options that are going to be very handy.
The more stuff the kernel they put in the kernel the more useful it
becomes.I have been running 2.2.3 and it is as stable as a rock for
everything I do.
    The only hassle I had with 2.2.4 is that BSD style process accounting
will not compile. It worked flawlessly on 2.2.3. It would be wasted on me
anyway I think , simply because that while the kernel docs say it is a
"good thing" I have no idea what it is or how to use it.I presume it will
be fixed in a patch.
    
    Hope this is of assistance,
    David Nillesen

Northnet Internet Services
+612 67749300

Type Bits/KeyID Date User ID
pub 2048/BBCA4E3D 1998/01/03 David A Nillesen <dave@northnet.com.au>

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3ia

mQENAzSuzZAAAAEIALp91sG9Nq85LKUmvQJlF1imz89BSaoJGb5Dx3pSMhsCztFo
l9iLvGDKQoDXFw7g0FKHme2mBypIeNctBnFCC57xFKDjbJz4KIljN1ngPewgwH2e
PlR0Hm/ocIkuh33HnueJYUC8d8bmAACGAavt40Y+5nVxXcbz+6lGUXEzcdnlKh/E
Oo5MDJnLk1cVl8YgdILKT584oCBWbfBvS9pwNyjwX+HW0cX0f8cOLlGJJNtOtUnm
fff1eV5ZXNXEE7YM2uf3p5u/eCtM0poJA8yY3MwhPiu9a4sjRe7zFpBdTGIBJB+8
iEX7IbQf/NsT8hqkg44IpujnjBGBPqGUAbvKTj0ABRG0J0RhdmlkIEEgTmlsbGVz
ZW4gPGRhdmVAbm9ydGhuZXQuY29tLmF1PokBFQMFEDSuzZA+oZQBu8pOPQEB5j4H
/169BcOssg2lXzTFxmR2ifF1rd0k5PlnCSVEE6+h6EtvZ4uPc+zJTbBLqszV2kfr
WRoiSWTzDVMySMYFmOl+azdkedgqS6GBOl+qBC0w88slFj6kXP1lzLuEDT1Hoxta
NQeleOU0hDibnv0losv4rcis7cThD8YClqkiRStw7IBEgStA3d8o+CMGzdzgvMx4
bqTPDRaTSmGA2Pay5am6/uT1gvEbrjSb8QbDkpKav1cUFYOyIQ6k3XoNZX8eUeqB
kl8c4mg3D0Z9pAY+snv8F76mkpodYO3YBBO/kxa9Zl+YT0LOdsq8FNt5RiFi781L
Oad5uMOPWpTFpDL01QABvsE=
=nrSz
-----END PGP PUBLIC KEY BLOCK-----
Received on Thu Mar 25 1999 - 13:44:03 MST