Hi,
Does anyone have recommendations on scaling concurrent connections through the squid proxy to above the ephemeral port range?
I have squid v5.5 on Ubuntu with about 48K ephemeral ports available with the ip_local_port_range. The squid is bound to listen on port 3128 and has a single tcp_outgoing_address configured. We notice that after about 40-45k concurrent connections through the proxy it is unable to reuse ports and it severely limits local ports available to other applications running on the system. The squid is set up to run 30 workers; total CPU is still under 10% during peak connection rates.
Is any build config flag required to enable SO_REUSEPORT or SO_REUSEADDR on the outbound TCP sessions opened by squid?
It does not appear that there is an option to use the IP_BIND_ADDRESS_NO_PORT sockopt flag which can help with ephemeral port reuse.
We have tried enabling tcp_tw_reuse, ip_autobind_reuse and ip_nonlocal_bind flags, but are unable to get the system to reuse the ephemeral ports. The fs.file-max is set to 4M. Pasted some errors below. Any suggestions are appreciated!
Thanks
Praveen
2022/05/19 23:35:00 kid12| commBind Cannot bind socket FD 3075 to <IP>: (99) Cannot assign requested address
current master transaction: master48536607
2022/05/19 23:35:00 kid23| commBind Cannot bind socket FD 1320 to <IP>: (99) Cannot assign requested address
current master transaction: master26662366
2022/05/19 23:37:30 kid13| commBind Cannot bind socket FD 3346 to <IP>: (98) Address already in use
current master transaction: master11976056
2022/05/19 23:37:30 kid12| commBind Cannot bind socket FD 6459 to <IP>: (98) Address already in use
current master transaction: master48561031
While the system is in this state, local curls to another endpoint on the same node are not able to obtain a TCP socket.
curl: (7) Couldn't connect to server
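Added example, not part of the original post and not Squid code: a small Linux probe showing what the IP_BIND_ADDRESS_NO_PORT option mentioned above changes when a socket is bound to a fixed source address with port 0 before connect(). The function name port_reserved_after_bind is hypothetical, and 127.0.0.1 stands in for the configured tcp_outgoing_address.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#ifndef IP_BIND_ADDRESS_NO_PORT
#define IP_BIND_ADDRESS_NO_PORT 24  /* Linux >= 4.2; value from linux/in.h */
#endif

/* Bind a TCP socket to src_ip with port 0, as a proxy with a fixed outgoing
 * address does before connect(). Returns the local port the kernel holds
 * right after bind(): non-zero means an ephemeral port is already consumed
 * before the destination is known, 0 means port selection is deferred to
 * connect(). Returns -1 on error, -2 if the kernel rejects the option. */
int port_reserved_after_bind(const char *src_ip, int defer_port)
{
    struct sockaddr_in a;
    socklen_t len = sizeof(a);
    int one = 1, port = -1;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;

    if (defer_port && setsockopt(fd, IPPROTO_IP, IP_BIND_ADDRESS_NO_PORT,
                                 &one, sizeof(one)) < 0) {
        close(fd);
        return -2;
    }
    memset(&a, 0, sizeof(a));
    a.sin_family = AF_INET;
    a.sin_port = 0;                 /* let the kernel choose the port */
    if (inet_pton(AF_INET, src_ip, &a.sin_addr) == 1 &&
        bind(fd, (struct sockaddr *)&a, sizeof(a)) == 0 &&
        getsockname(fd, (struct sockaddr *)&a, &len) == 0)
        port = ntohs(a.sin_port);
    close(fd);
    return port;
}

int main(void)
{
    /* 127.0.0.1 is a stand-in source address for this demonstration. */
    printf("plain bind:              port %d\n",
           port_reserved_after_bind("127.0.0.1", 0));
    printf("IP_BIND_ADDRESS_NO_PORT: port %d\n",
           port_reserved_after_bind("127.0.0.1", 1));
    return 0;
}
```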