On Mon, 13 Dec 2004, Joost de Heer wrote:
Hello,
I have two problems with a Linux Squid machine (Squid 2.5STABLE7, Red Hat Enterprise Linux ES release 3 (Taroon Update 1))
Problem 1: Filedescriptors.
above 1024. I've added the following lines to /etc/security/limits.conf:
squid hard nofile 16384 squid soft nofile 16384
This only applies to interactive sessions where a user logs in to your server using the "squid" account.
See Squid FAQ 11.4 Running out of filedescriptors <url:http://www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.4>
Problem 2: Parent problems
The Squid proxy has a single peer, a Radware loadbalancer which distributes its load to about 15 Finjan content scanners. I see in the cache.log that about 3 or 4 times a second, the loadbalancer can't be reached, while it's up normally. (TCP connection to XXX.XXX.XXX.XXX/8080 failed). I have no idea where to start looking for a cause of this.
Any hints in the Radware logs?
Could it be that the network stack of the Linux machine needs some tweaking, to allow a large number of sessions to the same IP address (mostly in TIME_WAIT status)?
Quite unlikely. You must be initiating about 250 TCP connections/second for this to even start to become an issue (30000 or more TIME_WAIT sockets).
Regards Henrik
