[squid-users] Your cache is running out of filedescriptors

[Vieri]

________________________________
From: Eliezer Croitoru <eliezer at ngtech.co.il>
>
> Just so you would notice:
> open files                      (-n) 4096
>
> you should first make it at least 16384 if not more...
> It's not harmful to start with 65535 and then see if the issue still persists or things get resolved.
> Maybe the issue with the ssl_crtd is related to the FD issue but I'm not 100% sure.
> What OS are you using?


Thanks for the tip Eliezer.

I'm using Gentoo Linux with the standard kernel and base system. I used to use the "hardened" version, but I recently had networking issues with it so I moved away from it. I'm saying this because I already increased the default ulimit values I reported (of which "open files 4096") in the "standard" Gentoo system. The original default was half as much (2048). This is only my guess, but I think this Gentoo flavor is meant for general use, especially desktop. On the other hand, Gentoo Hardened (and other flavors) might be more server-oriented. I do NOT know yet if the ulimit values in the hardened version are different.

I did not know that the OS defaults would be so restrictive, especially if you say that I can safely start with 65535 open files.


To make a long story short, I'll try raising the value to 65535. Would you suggest to set the same for both soft and hard?
* soft nofile 65535
* hard nofile ?

Is a squid restart enough to apply, or is it recommended to restart the kernel/system?

I also stumbled on the following directives in squid.conf.

client_lifetime defaults to 1 day. I might need to set it to a lower value. However, I don't see too many connections with:
# netstat -a -n | grep CLOSE_WAIT


Squid doc also suggests to tune these settings:
read_timeout, request_timeout, persistent_request_timeout and quick_abort

A bit risky... but I'll take a look at it.

Vieri