-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thanks alot Adrian for the mbuf and TCP limiting stuff. I will be deploying your suggestions in one of my servers. I will notify you the results after testing it for a week or 2. On Fri, 10 Nov 2006 22:31:55 +0800 Adrian Chadd <adrian@xxxxxxxxxxxxxxx> wrote: > On Fri, Nov 10, 2006, Tek Bahadur Limbu wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > > > Dear All, > > > > I am facing some problems on my FreeBSD 6.0 squid box. > > > > I am using Squid-2.6.Stable5 running on FreeBSD 6.0 i386 on a Dell > > SC420. > > > > I get the following errors on my cache.log. > > > > > > 2006/11/10 16:31:06| comm_open: socket failure: (55) No buffer space > > available > > > > 2006/11/10 16:31:06| comm_open: socket failure: (55) No buffer space > > available > > 2006/11/10 16:31:06| comm_open: socket failure: (55) No buffer space > > available2006/11/10 16:31:07| parseHttpRequest: Unsupported method > > 'aa > > > > 2006/11/10 16:31:07| clientReadRequest: FD 2695 (x.x.x.x:21026) > > Invalid Request > > 2006/11/10 16:31:08| parseHttpRequest: Unsupported method 'REGISTER' > > > > > > When I look at my /var/log/message, I get the following: > > > > Nov 10 16:31:21 proxy6 kernel: Limiting closed port RST response > > from 232 to 200 packets/sec > > Nov 10 16:35:34 proxy6 kernel: Limiting closed port RST response > > from 201 to 200 packets/sec > > > > Nov 10 16:36:17 proxy6 last message repeated 6 times > > > > I guess that that the first problem is related to networking related > > buffers. But what does the 2nd error mean? > > Take a look at the output of netstat -mb: > > nympho# netstat -mb > 77/144/131072 mbufs in use (current/peak/max): > 65 mbufs allocated to data > 12 mbufs allocated to packet headers > 64/80/32768 mbuf clusters in use (current/peak/max) > 196 Kbytes allocated to network (0% of mb_map in use) > 0 requests for memory denied > 0 requests for memory delayed > 0 calls to protocol drain routines > > See if you've run out of membufs. FreeBSD versions prior to 6 used to > log something in dmesg when it was running out of nmbclusters; I > wonder why it stopped. > > It lmight also be a full accept queue for incoming connections. > > sysctl kern.ipc.somaxconn ; might need to up it a little. > > Second is the TCP limiting stuff. > > sysctl -w net.inet.icmp.icmplim=0 > > Here's /etc/sysctl.conf on my FreeBSD test server. I'd appreciate > feedback if I've boneheaded anything: > > nympho# cat /etc/sysctl.conf > net.inet.tcp.sendspace=65536 > net.inet.tcp.recvspace=65536 > vm.defer_swapspace_pageouts=1 > net.inet.tcp.msl=3000 > kern.maxfiles=32768 > kern.maxfilesperproc=16384 > net.inet.icmp.icmplim=0 > kern.ipc.shmseg=128 > kern.ipc.shmall=16384 > net.inet.tcp.delayed_ack=0 > > > and /boot/loader.conf: > > nympho# cat /boot/loader.conf > # -- sysinstall generated deltas -- # > userconfig_script_load="YES" > kern.ipc.maxsockets=32768 > kern.ipc.nmbclusters=32768 > kern.ipc.nmbufs=131072 > > > > > Adrian > > > - -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu Jwl Systems Department Worldlink Communications Pvt. Ltd. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFFVq91wXBzLfFnNxQRAg5LAKCccfDxxTAKBY0nEGiUsfvjRW1z6ACdHjZc 0lFE/JXKkjx1HHTZIgiKNZE= =mQSl -----END PGP SIGNATURE-----
