Ok, I started looking through the mess that is in_pcb.c, and I came up with a simpler idea than trying to improve upon my old heuristic.
What if we just build upon what Gleb did in revision 1.256, and change the size of the tcptw zone? Instead of scaling it to maxsockets / 5, let's scale it to max((ipport_lastauto - ipport_firstauto)/2, 500). We'll have to rescale it whenever the port ranges are changed, but those sysctls are already handled by a function, so it'll be easy.
This means that we'll be keeping around fewer time_wait sockets than we do at present, but I don't think that's a big problem for anyone. On the positive side, it means that time_wait sockets can't starve out ephemeral ports unless you have more than 50% active connections.
One slightly more complex solution would be to use one tcptw bucket for connections with local ports >= 1024 and a separate bucket for connections with local ports < 1024. Assuming that our front end web proxy answers on ports < 1024, that would ensure that we keep one pool of time_wait sockets for our connections from clients and another pool for our connections to the backend web servers. I guess that would be slightly more "correct".
What do you guys think?

Mike "Silby" Silbersack
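A small model of the two sizing rules discussed in the message, added here as an illustration; it is not code from the message or from FreeBSD. Assumptions: all connections go to one backend address (so each time_wait entry pins one ephemeral port), no time_wait entry expires during the burst, a full zone recycles its oldest entry, and the port range and maxsockets values in `main` are constructed.

```c
#include <stdio.h>

#define MAXPORTS 65536

/* Sizing proposed in the message: max((last - first) / 2, 500). */
static int tw_limit_proposed(int first, int last) {
    int half = (last - first) / 2;
    return half > 500 ? half : 500;
}

/* Sizing the message describes as current: maxsockets / 5. */
static int tw_limit_current(int maxsockets) { return maxsockets / 5; }

/*
 * Open and immediately close `conns` connections from the ephemeral range
 * [first, last]. Each closed connection holds its port in time_wait until
 * the zone is full, at which point the oldest entry is recycled (modelling
 * assumption). Returns how many attempts found no free ephemeral port.
 */
static int simulate(int first, int last, int tw_limit, int conns) {
    static unsigned char busy[MAXPORTS];
    static int fifo[MAXPORTS];               /* time_wait ports, oldest first */
    int head = 0, count = 0, failed = 0, next = first, nports = last - first + 1;

    for (int p = first; p <= last; p++) busy[p] = 0;
    for (int i = 0; i < conns; i++) {
        int port = -1;
        for (int tries = 0; tries < nports && port < 0; tries++) {
            int cand = next;
            next = (next == last) ? first : next + 1;
            if (!busy[cand]) port = cand;
        }
        if (port < 0) { failed++; continue; }   /* ephemeral ports starved */
        if (tw_limit <= 0) continue;             /* no zone: nothing retained */
        if (count == tw_limit) {                 /* zone full: recycle oldest */
            busy[fifo[head]] = 0;
            head = (head + 1) % MAXPORTS;
            count--;
        }
        busy[port] = 1;                          /* port now held by time_wait */
        fifo[(head + count) % MAXPORTS] = port;
        count++;
    }
    return failed;
}

int main(void) {   /* constructed values: 10000-port range, maxsockets 100000 */
    printf("maxsockets/5: %d failed\n", simulate(10000, 19999, tw_limit_current(100000), 15000));
    printf("range/2:      %d failed\n", simulate(10000, 19999, tw_limit_proposed(10000, 19999), 15000));
    return 0;
}
```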
