<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/REC-html40/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<title></title>
</head>
<body style="font-family:Arial;font-size:14px">
<p>Citando Amos Jeffries <<a href="mailto:squid3@treenet.co.nz">squid3@treenet.co.nz</a>>:</p>
<blockquote style="border-left:2px solid blue;margin-left:2px;padding-left:12px;" type="cite">
<p><br>
CONNECT requests with tunnels can be particularly long lived, mobiles<br>
and their applications stay active for weeks on end with few outward<br>
signs of what is happening inside the encrypted tunnel. The only way to<br>
be sure the connection is finished with is when one of the client or<br>
server remote endpoints closes it.<br>
<br>
* The port 55815 connection _was_ closed sometimes within 15 mintes of<br>
the lsof being run.<br>
<br>
* The port 52288 connection is still being used.<br>
<br>
Given the timespan between those messages and the lsof, it is also<br>
possible they were closed and reopened in between. If you have a lot of<br>
ports in active use, then re-use of closed ones becomes more likely.<br>
Though I suspect it is just persistence doing what it is designed to do.<br>
You will need a more detailed trace of the entire time period to know.</p>
</blockquote>
<p><br>
<br>
11 more hours have passed since my last "lsof" and cause it's Sunday I'm sure that no device have been connected to 192.168.x.x network at least for 15 hours.<br>
Right now lsof output is the same as 11 hours before:<br>
<br>
squid 32490 proxy 12u IPv6 4065613 0t0 TCP 172.16.10.22:3126->192.168.93.113:55815 (CLOSE_WAIT)<br>
squid 32490 proxy 14u IPv6 4097822 0t0 TCP 172.16.10.22:3126->192.168.90.207:52288 (ESTABLISHED)<br>
...<br>
<br>
Squid is still using file descriptors 12 and 14 (and a lot of others) for the same connections as yesterday, although the mobile devices it was connected to have not been online in our network for at least 15 hours.<br>
Is it by design?<br>
Raising file descriptors limit is the only solution?<br>
The maximum number of file descriptors in my installation is set to 65535. Is there any drawback to increasing this number let's say by a factor of ten?<br>
<br>
Regards,<br>
André<br></p>
</body>
</html>