* m k <tamurin0525@xxxxxxxxx>: > The CPU is not 100%, but the number of simultaneous connections does not > exceed 450. In netstat, FIN_WAIT was over 10000. Is there a way to reduce > FiN_WAIT? We use these sysctl settings: --- snip --- # Tuning net.ipv4.tcp_fin_timeout=10 # down from 60 net.ipv4.tcp_tw_reuse=1 net.ipv4.ip_local_port_range=10000 65001 # http://www.fromdual.com/huge-amount-of-time-wait-connections net.ipv4.tcp_mtu_probing=1 net.ipv4.tcp_base_mss=1024 # https://blog.cloudflare.com/path-mtu-discovery-in-practice/ --- snip --- > Also, can socks proxy be used with squid? No. > If not, what are you using as an alternative? I had a look at dante https://www.inet.no/dante/ FYI: for a company with about 15.000 machines we're using a cluster of 4 proxies. Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 ralf.hildebrandt@xxxxxxxxxx https://www.charite.de _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
