On Tue, Sep 10, 2013 at 11:51 PM, Alex Rousskov <rousskov@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
> Hi Niki,
>
> We have seen similar problems with high-performance Web Polygraph
> tests and added an option for Polygraph clients to explicitly manage
> client port assignment instead of relying on kernel's ephemeral ports
> algorithm. Polygraph code also detects runtime collisions with other
> programs and moves conflicting ports into a "do not use unless
> absolutely necessary" pile.
>
> The combination of the two approaches solves the problem, provided you
> have enough IP addresses to accommodate all concurrent outgoing TCP
> connections (in all relevant TCP states) for your request rates.
>
> You can add a similar feature to Squid. If your SMP workers share
> outgoing IP addresses, then specifying non-overlapping worker-specific
> port ranges should work without the need for synchronization among workers.

Thanks for the valuable advice.

In our scenario it's much easier, because we use TPROXY. How many ports per IP will be known to the kernel of our proxy? 10-20-50-100 (the number of HTTP connections of this user). There are 665535 ports available, so random port selection will hit an existing port in use very, very rarely. Say once on 600 binds.

On EADDRINUSE you just retry with another port (say, previous port plus 1) until you stop getting EADDRINUSE.

Niki
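The retry scheme described in the reply above (a random first port, then the previous port plus 1 on each EADDRINUSE), as an added example that is not part of the original message and is not Squid or Polygraph code. The names `random_port` and `bind_with_retry`, the 1024-65535 range, and the retry cap are assumptions; Linux is assumed.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/random.h>
#include <sys/socket.h>
#include <unistd.h>

#define PORT_LO 1024u   /* assumed usable range, not taken from the thread */
#define PORT_HI 65535u

/* Pick the first candidate port from [PORT_LO, PORT_HI] using the kernel RNG. */
uint16_t random_port(void)
{
    uint32_t r;
    if (getrandom(&r, sizeof r, 0) != (ssize_t)sizeof r)
        r = (uint32_t)rand();            /* fallback if the kernel RNG call fails */
    return (uint16_t)(PORT_LO + r % (PORT_HI - PORT_LO + 1));
}

/* Hypothetical helper: bind a TCP socket to ip:first_port, moving to the next
 * port on each EADDRINUSE. Returns the bound fd and stores the port in
 * *out_port, or returns -1 after max_tries collisions or any other error. */
int bind_with_retry(const char *ip, uint16_t first_port, unsigned max_tries,
                    uint16_t *out_port)
{
    struct sockaddr_in sa;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    if (inet_pton(AF_INET, ip, &sa.sin_addr) != 1)
        return -1;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    unsigned port = first_port;
    for (unsigned i = 0; i < max_tries; i++, port++) {
        if (port < PORT_LO || port > PORT_HI)
            port = PORT_LO;              /* wrap around at the top of the range */
        sa.sin_port = htons((uint16_t)port);
        if (bind(fd, (struct sockaddr *)&sa, sizeof sa) == 0) {
            *out_port = (uint16_t)port;
            return fd;
        }
        if (errno != EADDRINUSE)
            break;                       /* only collisions are worth retrying */
    }
    close(fd);
    return -1;
}
```

Binding to a client's own address, as a TPROXY setup does, additionally requires the `IP_TRANSPARENT` socket option to be set before `bind()`; that step is left out here so the helper runs unprivileged.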