________________________________ From: Eliezer Croitoru <eliezer@xxxxxxxxxxxx> > > Just so you would notice: > open files (-n) 4096 > > you should first make it at least 16384 if not more... > It's not harmful to start with 65535 and then see if the issue still persists or things get resolved. > Maybe the issue with the ssl_crtd is related to the FD issue but I'm not 100% sure. > What OS are you using? Thanks for the tip Eliezer. I'm using Gentoo Linux with the standard kernel and base system. I used to use the "hardened" version, but I recently had networking issues with it so I moved away from it. I'm saying this because I already increased the default ulimit values I reported (of which "open files 4096") in the "standard" Gentoo system. The original default was half as much (2048). This is only my guess, but I think this Gentoo flavor is meant for general use, especially desktop. On the other hand, Gentoo Hardened (and other flavors) might be more server-oriented. I do NOT know yet if the ulimit values in the hardened version are different. I did not know that the OS defaults would be so restrictive, especially if you say that I can safely start with 65535 open files. To make a long story short, I'll try raising the value to 65535. Would you suggest to set the same for both soft and hard? * soft nofile 65535 * hard nofile ? Is a squid restart enough to apply, or is it recommended to restart the kernel/system? I also stumbled on the following directives in squid.conf. client_lifetime defaults to 1 day. I might need to set it to a lower value. However, I don't see too many connections with: # netstat -a -n | grep CLOSE_WAIT Squid doc also suggests to tune these settings: read_timeout, request_timeout, persistent_request_timeout and quick_abort A bit risky... but I'll take a look at it. Vieri _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
