[squid-users] Scaling concurrent TCP sessions beyond ephemeral port range
Praveen Ponakanti
pponakanti at roblox.com
Fri May 20 00:22:06 UTC 2022
Hi,
Does anyone have recommendations on scaling concurrent connections through
the squid proxy to above the ephemeral port range?
I have squid v5.5 on Ubuntu with about 48K ephemeral ports available with
the ip_local_port_range. The squid is bound to listen on port 3128 and has
a single tcp_outgoing_address configured. We notice that after about 40-45k
concurrent connections through the proxy it is unable to reuse ports and it
severely limits local ports available to other applications running on the
system. The squid is setup to run 30 workers; total CPU is still under 10%
during peak connection rates.
Is any build config flag required to enable SO_REUSEPORT or SO_REUSEADDR on
the outbound TCP sessions opened by squid?
It does not appear that there is an option to use the
IP_BIND_ADDRESS_NO_PORT sockopt flag which can help with ephemeral port
reuse.
We have tried enabling tcp_tw_reuse, ip_autobind_reuse and ip_nonlocal_bind
flags, but unable to get the system reuse the ephemeral ports. The
fs.file-max is set to 4M. Pasted some errors below. Any suggestions are
appreciated!
Thanks
Praveen
2022/05/19 23:35:00 kid12| commBind Cannot bind socket FD 3075 to <*IP*>:
(99) Cannot assign requested address
current master transaction: master48536607
2022/05/19 23:35:00 kid23| commBind Cannot bind socket FD 1320 to <*IP*>:
(99) Cannot assign requested address
current master transaction: master26662366
2022/05/19 23:37:30 kid13| commBind Cannot bind socket FD 3346 to <*IP*>:
(98) Address already in use
current master transaction: master11976056
2022/05/19 23:37:30 kid12| commBind Cannot bind socket FD 6459 to <*IP*>:
(98) Address already in use
current master transaction: master48561031
While the system is in this state, local curl’s to another endpoint on the
same node are not able to obtain a TCP socket.
curl: (7) Couldn't connect to server
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20220519/e79b5df5/attachment.htm>
More information about the squid-users
mailing list