Re: relayd[66834]: relayd: socketpair: Too many open files

[Kevin]

Just wanted to report back that as advertised 6.0-current from 2016-01-05
solved the problem described below.

Thanks Theo, Reyk, Peter, et al.

On Tue, Jan 3, 2017 at 1:16 PM, Kevin  wrote:

> Hey gang,
>
> So I'm putting a new firewall in place and have run into issues with
> getting relayd to start using:
>
> # /etc/rc.d/relayd start
>
> When I try starting it like that inevitably I get:
>
> relayd(failed)
>
> checking the log files tells me:
>
> relayd: socketpair: Too many open files
>
> Having trolled through pages of SERPs, I can't find an answer; however, in
> the interest of science, if I do this:
>
> # ulimit -n 512
> # /usr/sbin/relayd
>
> it starts perfectly.
>
> Anyone care to give me a quick strike with the clue stick, please?
>
> Oh yah, here's my relayd.conf
>
> # Example.com
> # 145.176.20.136
> exm_chi01="192.168.2.0"
> exm_chi02="192.168.2.1"
>
> table{ $exm_chi01, $exm_chi02 }
>
> #=#
> # Servers #
> #=#
> redirect "Example.com" {
> listen on 145.176.20.162 port 80 interface vio0
> pftag RELAYD-Example.com
> forward to  check tcp
> }
>
>
> For what it's worth, I'm using a hosts file to point example.com to my IP
> for the time being, as I can't pull the real sites down and move them 'til
> this is working.
>
> Also of interest: pf seems to be working as advertised, as does relayd
> when it's started with the ulimit cranked up.
>
>
> Thanks,
> Kevin

Re: relayd[66834]: relayd: socketpair: Too many open files

[Kevin]

On Thu, Jan 5, 2017 at 10:07 AM, Peter Faiman  wrote:

> Hmm. The default number of files is 128 for daemons, but it's strange
> you'd hit that JUST starting up.
>
> Can you try starting relayd with -v -d to see if it logs anything of
> interest?
>

# /usr/sbin/relayd -vvv -d
startup
init_filter: filter init done
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
init_tables: created 1 tables
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
hce_notify_done: 192.168.2.0 (tcp connect ok)
host 192.168.2.0, check tcp (0ms,tcp connect ok), state unknown -> up,
availability 100.00%
hce_notify_done: 192.168.2.1 (tcp connect failed)
host 192.168.2.1, check tcp (1ms,tcp connect failed), state unknown ->
down, availability 0.00%
pfe_dispatch_hce: state 1 for host 1 192.168.2.0
pfe_dispatch_hce: state -1 for host 2 192.168.2.1
table Example.com: 1 added, 0 deleted, 0 changed, 0 killed

Also, take a look at the interesting difference between these two...

# /etc/rc.d/relayd start


relayd(failed)

# /usr/sbin/relayd


# ps uax | grep rel
_relayd  82300  0.0  0.3  1140  1964 ??  Sp11:37AM0:00.00 relayd:
hce (
_relayd  60360  0.0  0.3  1144  2028 ??  Sp11:37AM0:00.00 relayd:
pfe (
root 32087  0.0  0.3  1456  2300 ??  Ss11:37AM0:00.00
/usr/sbin/rel
_relayd  40535  0.0  0.2  1072  1800 ??  Sp11:37AM0:00.00 relayd:
ca (r
_relayd  15864  0.0  0.2  1208  1900 ??  Sp11:37AM0:00.00 relayd:
relay
_relayd  15159  0.0  0.2  1208  1900 ??  Sp11:37AM0:00.00 relayd:
relay
_relayd   7514  0.0  0.3  1208  2004 ??  Sp11:37AM0:00.00 relayd:
relay
_relayd  23861  0.0  0.2  1072  1676 ??  Sp11:37AM0:00.00 relayd:
ca (r
_relayd  16117  0.0  0.2  1072  1680 ??  Sp11:37AM0:00.00 relayd:
ca (r
root 61405  0.0  0.1   336  1128 p0  S+p   11:37AM0:00.00 grep rel




> Can you binary search ulimits until you find the lowest it will start with?
>

I increased ulimit with rational intervals 'til it finally started...


> Reading the source it looks like socket pairs are created between all the
> relayd processes, i.e. n^2 * 2 ish file descriptors, which could exceed 128
> pretty fast. Are you running with a non-default prefork setting?
>


Nope.

My full relayd.conf is in the thread below.



>
> Peter
>
> On Jan 5, 2017, at 09:12, Kevin  wrote:
>
> Nope. I was hoping for another solution, especially given that:
>
> 1. the only thing runnings on this machine are pf and relayd
> 2. there's zero traffic going to it at present
> 3. there's only one site being load balanced
>
> it seems like it shouldn't be necessary.
>
> I'm open to it, if that's the only choice, but it strikes me as outside of
> the bounds of normal operation.
>
> On Thu, Jan 5, 2017 at 9:07 AM, Peter Faiman 
> wrote:
>
>> Have you modified your open file limits in /etc/login.conf? Especially in
>> the daemon section?
>>
>> Peter
>>
>> > On Jan 5, 2017, at 08:50, Kevin  wrote:
>> >
>> >> On Tue, Jan 3, 2017 at 1:16 PM, Kevin  wrote:
>> >>
>> >> Hey gang,
>> >>
>> >> So I'm putting a new firewall in place and have run into issues with
>> >> getting relayd to start using:
>> >>
>> >> # /etc/rc.d/relayd start
>> >>
>> >> When I try starting it like that inevitably I get:
>> >>
>> >>relayd(failed)
>> >>
>> >> checking the log files tells me:
>> >>
>> >>relayd: socketpair: Too many open files
>> >>
>> >> Having trolled through pages of SERPs, I can't find an answer;
>> however, in
>> >> the interest of science, if I do this:
>> >>
>> >> # ulimit -n 512
>> >> # /usr/sbin/relayd
>> >>
>> >> it starts perfectly.
>> >>
>> >> Anyone care to give me a quick strike with the clue stick, please?
>> >>
>> >> Oh yah, here's my relayd.conf
>> >>
>> >> # Example.com
>> >> # 145.176.20.136
>> >> exm_chi01="192.168.2.0"
>> >> exm_chi02="192.168.2.1"
>> >>
>> >> table{ $exm_chi01, $exm_chi02 }
>> >>
>> >> #=#
>> >> # Servers #
>> >> #=#
>> >> redirect "Example.com" {
>> >>listen on 145.176.20.162 port 80 interface vio0
>> >>pftag RELAYD-Example.com
>> >>forward to  check tcp
>> >> }
>> >>
>> >>
>> >> For what it's worth, I'm using a hosts file to point example.com to
>> my IP
>> >> for the time being, as I can't pull the real sites down and move them
>> 'til
>> >> this is working.
>> >>
>> >> Also of interest: pf seems to be working as advertised, as does relayd
>> >> when it's started with the ulimit cranked up.
>> >>
>> >>
>> >> Thanks,
>> >> Kevin
>> >>
>> >
>> >
>> >
>> > Unless there's word to the contrary, and as much as it's not officially
>> the
>> > right thing to do, it seems the only real choice for me here is to run
>> > relayd with ulimit sufficiently cranked, eh?

Re: relayd[66834]: relayd: socketpair: Too many open files

[Kevin]

On Thu, Jan 5, 2017 at 10:19 AM, Peter Faiman  wrote:

> Ah yes I see those lines now, thank you.
>
> Kevin, what version of OpenBSD are you using? You mentioned this is a new
> project so I assume 6.0?
>

>From my dmesg:

OpenBSD 6.0-stable (GENERIC.MP ) #0: Wed Dec 28
14:13:24 PST 2016

Re: relayd[66834]: relayd: socketpair: Too many open files

[Peter Faiman]

Ah yes I see those lines now, thank you.

Kevin, what version of OpenBSD are you using? You mentioned this is a new
project so I assume 6.0?

Peter

On Jan 5, 2017, at 10:08, Theo de Raadt  wrote:

>> Hmm. The default number of files is 128 for daemons, but it's strange
you'd
>> hit that JUST starting up.
>>
>> Can you try starting relayd with -v -d to see if it logs anything of
>> interest?
>>
>> Can you binary search ulimits until you find the lowest it will start
with?
>>
>> Reading the source it looks like socket pairs are created between all the
>> relayd processes, i.e. n^2 * 2 ish file descriptors, which could exceed
128
>> pretty fast. Are you running with a non-default prefork setting?
>
> This was fixed after 6.0.
>
> date: 2016/11/24 21:01:18;  author: reyk;  state: Exp;  lines: +110 -79;
commitid: FkVuQgzULddApn9S;
> The new fork+exec mode used too many fds in the parent process on
> startup, for a short time, so we needed a rlimit hack in relayd.c.
> Sync the fix from httpd: rzalamena@ has fixed proc.c and I added the
> proc_flush_imsg() mechanism that makes sure that each fd is
> immediately closed after forwarding it to a child process instead of
> queueing it up.
>
> OK rzalamena@ jca@ benno@

Re: relayd[66834]: relayd: socketpair: Too many open files

[Theo de Raadt]

> Hmm. The default number of files is 128 for daemons, but it's strange you'd
> hit that JUST starting up.
> 
> Can you try starting relayd with -v -d to see if it logs anything of
> interest?
> 
> Can you binary search ulimits until you find the lowest it will start with?
> 
> Reading the source it looks like socket pairs are created between all the
> relayd processes, i.e. n^2 * 2 ish file descriptors, which could exceed 128
> pretty fast. Are you running with a non-default prefork setting?

This was fixed after 6.0.

date: 2016/11/24 21:01:18;  author: reyk;  state: Exp;  lines: +110 -79;  
commitid: FkVuQgzULddApn9S;
The new fork+exec mode used too many fds in the parent process on
startup, for a short time, so we needed a rlimit hack in relayd.c.
Sync the fix from httpd: rzalamena@ has fixed proc.c and I added the
proc_flush_imsg() mechanism that makes sure that each fd is
immediately closed after forwarding it to a child process instead of
queueing it up.

OK rzalamena@ jca@ benno@

Re: relayd[66834]: relayd: socketpair: Too many open files

[Peter Faiman]

Hmm. The default number of files is 128 for daemons, but it's strange you'd
hit that JUST starting up.

Can you try starting relayd with -v -d to see if it logs anything of
interest?

Can you binary search ulimits until you find the lowest it will start with?

Reading the source it looks like socket pairs are created between all the
relayd processes, i.e. n^2 * 2 ish file descriptors, which could exceed 128
pretty fast. Are you running with a non-default prefork setting?

Peter

> On Jan 5, 2017, at 09:12, Kevin  wrote:
>
> Nope. I was hoping for another solution, especially given that:
>
> 1. the only thing runnings on this machine are pf and relayd
> 2. there's zero traffic going to it at present
> 3. there's only one site being load balanced
>
> it seems like it shouldn't be necessary.
>
> I'm open to it, if that's the only choice, but it strikes me as outside of
the bounds of normal operation.
>
>> On Thu, Jan 5, 2017 at 9:07 AM, Peter Faiman 
wrote:
>> Have you modified your open file limits in /etc/login.conf? Especially in
the daemon section?
>>
>> Peter
>>
>> > On Jan 5, 2017, at 08:50, Kevin  wrote:
>> >
>> >> On Tue, Jan 3, 2017 at 1:16 PM, Kevin  wrote:
>> >>
>> >> Hey gang,
>> >>
>> >> So I'm putting a new firewall in place and have run into issues with
>> >> getting relayd to start using:
>> >>
>> >> # /etc/rc.d/relayd start
>> >>
>> >> When I try starting it like that inevitably I get:
>> >>
>> >>relayd(failed)
>> >>
>> >> checking the log files tells me:
>> >>
>> >>relayd: socketpair: Too many open files
>> >>
>> >> Having trolled through pages of SERPs, I can't find an answer; however,
in
>> >> the interest of science, if I do this:
>> >>
>> >> # ulimit -n 512
>> >> # /usr/sbin/relayd
>> >>
>> >> it starts perfectly.
>> >>
>> >> Anyone care to give me a quick strike with the clue stick, please?
>> >>
>> >> Oh yah, here's my relayd.conf
>> >>
>> >> # Example.com
>> >> # 145.176.20.136
>> >> exm_chi01="192.168.2.0"
>> >> exm_chi02="192.168.2.1"
>> >>
>> >> table{ $exm_chi01, $exm_chi02 }
>> >>
>> >> #=#
>> >> # Servers #
>> >> #=#
>> >> redirect "Example.com" {
>> >>listen on 145.176.20.162 port 80 interface vio0
>> >>pftag RELAYD-Example.com
>> >>forward to  check tcp
>> >> }
>> >>
>> >>
>> >> For what it's worth, I'm using a hosts file to point example.com to my
IP
>> >> for the time being, as I can't pull the real sites down and move them
'til
>> >> this is working.
>> >>
>> >> Also of interest: pf seems to be working as advertised, as does relayd
>> >> when it's started with the ulimit cranked up.
>> >>
>> >>
>> >> Thanks,
>> >> Kevin
>> >>
>> >
>> >
>> >
>> > Unless there's word to the contrary, and as much as it's not officially
the
>> > right thing to do, it seems the only real choice for me here is to run
>> > relayd with ulimit sufficiently cranked, eh?

Re: relayd[66834]: relayd: socketpair: Too many open files

[Kevin]

Nope. I was hoping for another solution, especially given that:

1. the only thing runnings on this machine are pf and relayd
2. there's zero traffic going to it at present
3. there's only one site being load balanced

it seems like it shouldn't be necessary.

I'm open to it, if that's the only choice, but it strikes me as outside of
the bounds of normal operation.

On Thu, Jan 5, 2017 at 9:07 AM, Peter Faiman  wrote:

> Have you modified your open file limits in /etc/login.conf? Especially in
> the daemon section?
>
> Peter
>
> > On Jan 5, 2017, at 08:50, Kevin  wrote:
> >
> >> On Tue, Jan 3, 2017 at 1:16 PM, Kevin  wrote:
> >>
> >> Hey gang,
> >>
> >> So I'm putting a new firewall in place and have run into issues with
> >> getting relayd to start using:
> >>
> >> # /etc/rc.d/relayd start
> >>
> >> When I try starting it like that inevitably I get:
> >>
> >>relayd(failed)
> >>
> >> checking the log files tells me:
> >>
> >>relayd: socketpair: Too many open files
> >>
> >> Having trolled through pages of SERPs, I can't find an answer; however,
> in
> >> the interest of science, if I do this:
> >>
> >> # ulimit -n 512
> >> # /usr/sbin/relayd
> >>
> >> it starts perfectly.
> >>
> >> Anyone care to give me a quick strike with the clue stick, please?
> >>
> >> Oh yah, here's my relayd.conf
> >>
> >> # Example.com
> >> # 145.176.20.136
> >> exm_chi01="192.168.2.0"
> >> exm_chi02="192.168.2.1"
> >>
> >> table{ $exm_chi01, $exm_chi02 }
> >>
> >> #=#
> >> # Servers #
> >> #=#
> >> redirect "Example.com" {
> >>listen on 145.176.20.162 port 80 interface vio0
> >>pftag RELAYD-Example.com
> >>forward to  check tcp
> >> }
> >>
> >>
> >> For what it's worth, I'm using a hosts file to point example.com to my
> IP
> >> for the time being, as I can't pull the real sites down and move them
> 'til
> >> this is working.
> >>
> >> Also of interest: pf seems to be working as advertised, as does relayd
> >> when it's started with the ulimit cranked up.
> >>
> >>
> >> Thanks,
> >> Kevin
> >>
> >
> >
> >
> > Unless there's word to the contrary, and as much as it's not officially
> the
> > right thing to do, it seems the only real choice for me here is to run
> > relayd with ulimit sufficiently cranked, eh?

Re: relayd[66834]: relayd: socketpair: Too many open files

[Peter Faiman]

Have you modified your open file limits in /etc/login.conf? Especially in the
daemon section?

Peter

> On Jan 5, 2017, at 08:50, Kevin  wrote:
>
>> On Tue, Jan 3, 2017 at 1:16 PM, Kevin  wrote:
>>
>> Hey gang,
>>
>> So I'm putting a new firewall in place and have run into issues with
>> getting relayd to start using:
>>
>> # /etc/rc.d/relayd start
>>
>> When I try starting it like that inevitably I get:
>>
>>relayd(failed)
>>
>> checking the log files tells me:
>>
>>relayd: socketpair: Too many open files
>>
>> Having trolled through pages of SERPs, I can't find an answer; however, in
>> the interest of science, if I do this:
>>
>> # ulimit -n 512
>> # /usr/sbin/relayd
>>
>> it starts perfectly.
>>
>> Anyone care to give me a quick strike with the clue stick, please?
>>
>> Oh yah, here's my relayd.conf
>>
>> # Example.com
>> # 145.176.20.136
>> exm_chi01="192.168.2.0"
>> exm_chi02="192.168.2.1"
>>
>> table{ $exm_chi01, $exm_chi02 }
>>
>> #=#
>> # Servers #
>> #=#
>> redirect "Example.com" {
>>listen on 145.176.20.162 port 80 interface vio0
>>pftag RELAYD-Example.com
>>forward to  check tcp
>> }
>>
>>
>> For what it's worth, I'm using a hosts file to point example.com to my IP
>> for the time being, as I can't pull the real sites down and move them 'til
>> this is working.
>>
>> Also of interest: pf seems to be working as advertised, as does relayd
>> when it's started with the ulimit cranked up.
>>
>>
>> Thanks,
>> Kevin
>>
>
>
>
> Unless there's word to the contrary, and as much as it's not officially the
> right thing to do, it seems the only real choice for me here is to run
> relayd with ulimit sufficiently cranked, eh?

Re: relayd[66834]: relayd: socketpair: Too many open files

[Kevin]

On Tue, Jan 3, 2017 at 1:16 PM, Kevin  wrote:

> Hey gang,
>
> So I'm putting a new firewall in place and have run into issues with
> getting relayd to start using:
>
> # /etc/rc.d/relayd start
>
> When I try starting it like that inevitably I get:
>
> relayd(failed)
>
> checking the log files tells me:
>
> relayd: socketpair: Too many open files
>
> Having trolled through pages of SERPs, I can't find an answer; however, in
> the interest of science, if I do this:
>
> # ulimit -n 512
> # /usr/sbin/relayd
>
> it starts perfectly.
>
> Anyone care to give me a quick strike with the clue stick, please?
>
> Oh yah, here's my relayd.conf
>
> # Example.com
> # 145.176.20.136
> exm_chi01="192.168.2.0"
> exm_chi02="192.168.2.1"
>
> table{ $exm_chi01, $exm_chi02 }
>
> #=#
> # Servers #
> #=#
> redirect "Example.com" {
> listen on 145.176.20.162 port 80 interface vio0
> pftag RELAYD-Example.com
> forward to  check tcp
> }
>
>
> For what it's worth, I'm using a hosts file to point example.com to my IP
> for the time being, as I can't pull the real sites down and move them 'til
> this is working.
>
> Also of interest: pf seems to be working as advertised, as does relayd
> when it's started with the ulimit cranked up.
>
>
> Thanks,
> Kevin
>



Unless there's word to the contrary, and as much as it's not officially the
right thing to do, it seems the only real choice for me here is to run
relayd with ulimit sufficiently cranked, eh?

Re: relayd[66834]: relayd: socketpair: Too many open files

[Kevin]

Tiny detail omitted previously (mea culpa): this is on a vultr.com machine.


OpenBSD 6.0-stable (GENERIC.MP) #0: Wed Dec 28 14:13:24 PST 2016
ksmith@template:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 788381696 (751MB)
avail mem = 760070144 (724MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf6a10 (9 entries)
bios0: vendor SeaBIOS version "
rel-1.9.3-0-ge2fc41e-prebuilt.qemu-project.org" date 04/01/2014
bios0: QEMU Standard PC (i440FX + PIIX, 1996)
acpi0 at bios0: rev 0
acpi0: sleep states S3 S4 S5
acpi0: tables DSDT FACP APIC HPET
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Virtual CPU 714389bda930, 2400.36 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,MMX,FXSR,SSE,SSE2,SSE3,PCLMUL,SSSE3,FMA3,CX16,PCID,SSE4.1,SSE4.2,x2APIC,MOV
BE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,LONG,LAHF,ABM,FSGSBASE,BM
I1,AVX2,SMEP,BMI2,ERMS,INVPCID,ARAT
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
64b/line 16-way L2 cache
cpu0: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 1000MHz
ioapic0 at mainbus0: apid 0 pa 0xfec0, version 11, 24 pins
acpihpet0 at acpi0: 1 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0: C1(@1 halt!)
"ACPI0006" at acpi0 not configured
"PNP0303" at acpi0 not configured
"PNP0F13" at acpi0 not configured
"PNP0700" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"QEMU0002" at acpi0 not configured
"ACPI0010" at acpi0 not configured
pvbus0 at mainbus0: KVM
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
pcib0 at pci0 dev 1 function 0 "Intel 82371SB ISA" rev 0x00
pciide0 at pci0 dev 1 function 1 "Intel 82371SB IDE" rev 0x00: DMA, channel
0 wired to compatibility, channel 1 wired to compatibility
pciide0: channel 0 disabled (no drives)
atapiscsi0 at pciide0 channel 1 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0:  ATAPI 5/cdrom
removable
cd0(pciide0:1:0): using PIO mode 4, DMA mode 2
uhci0 at pci0 dev 1 function 2 "Intel 82371SB USB" rev 0x01: apic 0 int 11
piixpm0 at pci0 dev 1 function 3 "Intel 82371AB Power" rev 0x03: apic 0 int
9
iic0 at piixpm0
vga1 at pci0 dev 2 function 0 "Cirrus Logic CL-GD5446" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
virtio0 at pci0 dev 3 function 0 "Qumranet Virtio Network" rev 0x00
vio0 at virtio0: address 56:00:00:4b:41:f3
virtio0: msix shared
virtio1 at pci0 dev 4 function 0 "Qumranet Virtio Storage" rev 0x00
vioblk0 at virtio1
scsibus2 at vioblk0: 2 targets
sd0 at scsibus2 targ 0 lun 0:  SCSI3 0/direct fixed
sd0: 15360MB, 512 bytes/sector, 31457280 sectors
virtio1: msix shared
virtio2 at pci0 dev 5 function 0 "Qumranet Virtio Memory" rev 0x00
viomb0 at virtio2
virtio2: apic 0 int 10
virtio3 at pci0 dev 6 function 0 "Qumranet Virtio RNG" rev 0x00
viornd0 at virtio3
virtio3: apic 0 int 10
virtio4 at pci0 dev 7 function 0 "Qumranet Virtio Network" rev 0x00
vio1 at virtio4: address 5a:00:00:4b:41:f3
virtio4: msix shared
isa0 at pcib0
isadma0 at isa0
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 1: density unknown
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 "Intel UHCI root hub" rev 1.00/1.00 addr 1
nvram: invalid checksum
uhidev0 at uhub0 port 1 configuration 1 interface 0 "QEMU QEMU USB Tablet"
rev 2.00/0.00 addr 2
uhidev0: iclass 3/0
ums0 at uhidev0: 3 buttons, Z dir
wsmouse1 at ums0 mux 0
vscsi0 at root
scsibus3 at vscsi0: 256 targets
softraid0 at root
scsibus4 at softraid0: 256 targets
root on sd0a (02fdd533b920e06e.a) swap on sd0b dump on sd0b
clock: unknown CMOS layout

On Tue, Jan 3, 2017 at 1:21 PM, Reyk Floeter  wrote:

> dmesg please
>
> > Am 03.01.2017 um 22:16 schrieb Kevin :
> >
> > Hey gang,
> >
> > So I'm putting a new firewall in place and have run into issues with
> > getting relayd to start using:
> >
> > # /etc/rc.d/relayd start
> >
> > When I try starting it like that inevitably I get:
> >
> >relayd(failed)
> >
> > checking the log files tells me:
> >
> >relayd: socketpair: Too many open files
> >
> > Having trolled through pages of SERPs, I can't find an answer; however,
> in
> > the interest of science, if I do this:
> >
> > # ulimit -n 512
> > # /usr/sbin/relayd
> >
> > it starts perfectly.
> >
> > Anyone care to give me a quick strike wit

Re: relayd[66834]: relayd: socketpair: Too many open files

[Reyk Floeter]

dmesg please

> Am 03.01.2017 um 22:16 schrieb Kevin :
> 
> Hey gang,
> 
> So I'm putting a new firewall in place and have run into issues with
> getting relayd to start using:
> 
> # /etc/rc.d/relayd start
> 
> When I try starting it like that inevitably I get:
> 
>relayd(failed)
> 
> checking the log files tells me:
> 
>relayd: socketpair: Too many open files
> 
> Having trolled through pages of SERPs, I can't find an answer; however, in
> the interest of science, if I do this:
> 
> # ulimit -n 512
> # /usr/sbin/relayd
> 
> it starts perfectly.
> 
> Anyone care to give me a quick strike with the clue stick, please?
> 
> Oh yah, here's my relayd.conf
> 
> # Example.com
> # 145.176.20.136
> exm_chi01="192.168.2.0"
> exm_chi02="192.168.2.1"
> 
> table{ $exm_chi01, $exm_chi02 }
> 
> #=#
> # Servers #
> #=#
> redirect "Example.com" {
>listen on 145.176.20.162 port 80 interface vio0
>pftag RELAYD-Example.com
>forward to  check tcp
> }
> 
> 
> For what it's worth, I'm using a hosts file to point example.com to my IP
> for the time being, as I can't pull the real sites down and move them 'til
> this is working.
> 
> Also of interest: pf seems to be working as advertised, as does relayd when
> it's started with the ulimit cranked up.
> 
> 
> Thanks,
> Kevin

relayd[66834]: relayd: socketpair: Too many open files

[Kevin]

Hey gang,

So I'm putting a new firewall in place and have run into issues with
getting relayd to start using:

# /etc/rc.d/relayd start

When I try starting it like that inevitably I get:

relayd(failed)

checking the log files tells me:

relayd: socketpair: Too many open files

Having trolled through pages of SERPs, I can't find an answer; however, in
the interest of science, if I do this:

# ulimit -n 512
# /usr/sbin/relayd

it starts perfectly.

Anyone care to give me a quick strike with the clue stick, please?

Oh yah, here's my relayd.conf

# Example.com
# 145.176.20.136
exm_chi01="192.168.2.0"
exm_chi02="192.168.2.1"

table{ $exm_chi01, $exm_chi02 }

#=#
# Servers #
#=#
redirect "Example.com" {
listen on 145.176.20.162 port 80 interface vio0
pftag RELAYD-Example.com
forward to  check tcp
}


For what it's worth, I'm using a hosts file to point example.com to my IP
for the time being, as I can't pull the real sites down and move them 'til
this is working.

Also of interest: pf seems to be working as advertised, as does relayd when
it's started with the ulimit cranked up.


Thanks,
Kevin