On 19/11/2011 12:21 a.m., Nataniel Klug wrote:
Hi Eliezer,
Thanks for your answer:
well this is one of the big problems of the conntrack thingy..
what you can try is also to change the tcp to:
sysctl net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=3600
cause it might be causing the problem of such a huge amount of connection
tracking size.
the basic size is 120 minutes which can cause a lot of troubles in many
cases of open connections.
and by the way.. do you really have 155K connections? it seems like too
much.
hope to hear more about the situation.
Regards Eliezer
[Nataniel Klug] So Eliezer, I don't think I have 155k connections. Most of
them are FIN_WAIT1 (about 35~45k). I have 1000 pppoe clients behind this
squid box so even if each of them had 50 connections, I would have 50k. I
think closing really fast can solve the problem. I set it to close on 5
minutes and I will make a try right now.
Some assumption in there needs a double-check. Modern websites can use
50 (or more) connections to load any given page. Clients are not
uncommonly having several such pages browsing at once in tabbed browser
agents. And Squid uses 2x sockets per client connection.
So, while 150K for 1K clients does seem unusual normally, it is within
the upper limits they *could* be using if they happened to all be
browsing at the same time. I would expect to see some correspondingly
high request rate in the Squid stats though.
Amos
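
Added example, not part of the original thread: a small shell/awk helper that tallies connection-tracking entries by protocol and TCP state, so the table contents can be compared with the counts discussed above. The function names and the sample lines are constructed for illustration; on a live box the input would be /proc/net/ip_conntrack or /proc/net/nf_conntrack.

```shell
#!/bin/sh
# Tally conntrack entries per protocol/state.
# Accepts both layouts:
#   ip_conntrack:  tcp 6 <ttl> <STATE> src=...
#   nf_conntrack:  ipv4 2 tcp 6 <ttl> <STATE> src=...

conntrack_summary() {
    # Reads the file(s) given as arguments, or stdin when none is given.
    # Prints "<count> <proto>/<state>", largest count first.
    awk '
    {
        # nf_conntrack prefixes each line with the L3 name and number
        i = ($1 == "ipv4" || $1 == "ipv6") ? 3 : 1
        proto = $i
        state = $(i + 3)
        # Only TCP has a state word; for UDP/ICMP that field is already src=
        if (proto != "tcp" || state ~ /=/) state = "-"
        n[proto "/" state]++
    }
    END { for (k in n) print n[k], k }
    ' "$@" | sort -rn
}

# Constructed sample input (hypothetical addresses, Squid on port 3128)
sample_conntrack() {
cat <<'EOF'
tcp      6 3580 ESTABLISHED src=10.0.0.5 dst=10.0.0.1 sport=40001 dport=3128 src=10.0.0.1 dst=10.0.0.5 sport=3128 dport=40001 [ASSURED] use=1
tcp      6 3411 ESTABLISHED src=10.0.0.6 dst=10.0.0.1 sport=40002 dport=3128 src=10.0.0.1 dst=10.0.0.6 sport=3128 dport=40002 [ASSURED] use=1
tcp      6 97 FIN_WAIT src=10.0.0.5 dst=10.0.0.1 sport=40003 dport=3128 src=10.0.0.1 dst=10.0.0.5 sport=3128 dport=40003 [ASSURED] use=1
tcp      6 64 FIN_WAIT src=10.0.0.7 dst=10.0.0.1 sport=40004 dport=3128 src=10.0.0.1 dst=10.0.0.7 sport=3128 dport=40004 [ASSURED] use=1
ipv4     2 tcp      6 110 FIN_WAIT src=10.0.0.8 dst=10.0.0.1 sport=40005 dport=3128 src=10.0.0.1 dst=10.0.0.8 sport=3128 dport=40005 [ASSURED] use=2
tcp      6 12 TIME_WAIT src=10.0.0.6 dst=10.0.0.1 sport=40006 dport=3128 src=10.0.0.1 dst=10.0.0.6 sport=3128 dport=40006 [ASSURED] use=1
udp      17 25 src=10.0.0.6 dst=10.0.0.1 sport=5353 dport=53 [UNREPLIED] src=10.0.0.1 dst=10.0.0.6 sport=53 dport=5353 use=1
EOF
}

# Live use would be: conntrack_summary /proc/net/ip_conntrack
sample_conntrack | conntrack_summary
```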