Hi,<br><br>You can try to change the following parameters to reduce the timeouts of the connections : <br>* system parameters (reduce keepalive time to 700 seconds):<br> echo "net.ipv4.tcp_keepalive_time = 700" >> /etc/sysctl.conf<br>
sysctl -p<br>* 389 parameters in cn=config (change the maximum time limit per search operation to 120 sec & set idle connection timeout to 600 sec):<br> nsslapd-timelimit: 120<br>
nsslapd-idletimeout: 600<br> <br>The file descriptor number used by a connecton can be seen in access log (fd=139) :<br>[28/Aug/2010:14:35:08 +0200] conn=58377 fd=139 slot=139 SSL connection from x.x.x.x to x.x.x.x<br>
<br>You may also use /<a href="http://logconv.pl">logconv.pl</a> utility to see the long requests, number of parallel/oncurrent connections and file descriptor usage ('Highest FD taken')<br>
Total Connections: 2855<br>Peak Concurrent Connections: 4<br>Total Operations: 157116<br>Total Results: 157139<br>Overall Performance: 100.0%<br>...<br>FDs Taken: 3112<br>
FDs Returned: 3112<br>Highest FD Taken: 143<br>...<br>----- Top 20 Most Frequent etimes -----<br><br>156965 etime=0 <br>58 etime=1 <br>58 etime=3 <br>
58 etime=2 <br><br><br>@+<br><br><div class="gmail_quote">2010/8/27 Angel Bosch Mora <span dir="ltr"><<a href="mailto:angbosch@conselldemallorca.net">angbosch@conselldemallorca.net</a>></span><br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
hi,<br>
<br>
i had problems with "too many fds open" on some instances and after digging a bit i've found that ns-slapd dont die.<br>
<br>
i got 5 similar installations and this is happening just in two of them and i can't identify what is about.<br>
<br>
<br>
i've been recollecting process informations and i know for sure that the only process that keep increasing is ns-slapd and eventually, after some weeks, 389 starts refusing new connections and i got the "too many fds open" message.<br>
<br>
i can increase max fds but the problem of processes keeping alive is still there.<br>
<br>
anyone facing similar situation?<br>
<br>
regards,<br>
<br>
abosch<br>
<font color="#888888">--<br>
389 users mailing list<br>
<a href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br>
</font></blockquote></div><br>