On Mon, 13 Dec 2004, Joost de Heer wrote:
> Hello,
>
> I have two problems with a Linux Squid machine (Squid 2.5STABLE7, Red Hat
> Enterprise Linux ES release 3 (Taroon Update 1))
>
> Problem 1: Filedescriptors.
>
> above 1024. I've added the following lines to /etc/security/limits.conf:
>
> squid hard nofile 16384
> squid soft nofile 16384
This only applies to interactive sessions where a user logs in to your
server using the "squid" account.
See Squid FAQ 11.4 Running out of filedescriptors
<url:http://www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.4>
> Problem 2: Parent problems
>
> The Squid proxy has a single peer, a Radware loadbalancer which
> distributes its load to about 15 Finjan content scanners. I see in the
> cache.log that about 3 or 4 times a second, the loadbalancer can't be
> reached, while it's up normally. (TCP connection to XXX.XXX.XXX.XXX/8080
> failed). I have no idea where to start looking for a cause of this.
Any hints in the Radware logs?
> Could it be that the network stack of the Linux machine needs some
> tweaking, to allow a large number of sessions to the same IP address
> (mostly in TIME_WAIT status)?
Quite unlikely. You must be initiating about 250 TCP connections/second
for this to even start to become an issue (30000 or more TIME_WAIT
sockets).
Regards
Henrik
Received on Mon Dec 13 2004 - 03:19:14 MST
This archive was generated by hypermail pre-2.1.9 : Sat Jan 01 2005 - 12:00:02 MST