Thanks, I think that may be our issue. Can I ask
what parameters you set
to accomplish this?
And also what is your
"net.ipv4.tcp_keepalive_time" set to?
Thanks
again
James
We had the same problem. We set the idle
timeout, and it was fixed. By
default it doesn't timeout connections.
We are only doing around 4K
transactions a minute, but the idle
connections would constantly grow to
1024. Once putting in the
timeout we maintain only about 30 idle at a
time. We set our limit to
60 seconds.
-Kevin
-----Original Message-----
From:
fedora-directory-users-bounces@redhat.com[mailto:
fedora-directory-users-bounces@redhat.com]
On Behalf Of Chavez,
James R.
Sent: Thursday, February 26, 2009 9:24
AM
To: General discussion list for the Fedora Directory server
project.
Subject: RE: [Fedora-directory-users] Too many FDS
open
-----Original Message-----
From:
fedora-directory-users-bounces@redhat.com[mailto:
fedora-directory-users-bounces@redhat.com]
On Behalf Of
sigid@JINLab
Sent: Thursday, February 26, 2009 12:43
AM
To: General discussion list for the Fedora Directory server
project.
Subject: Re: [Fedora-directory-users] Too many FDS
open
Chavez, James R. wrote:
> Hello Rich,
list,
>
>
> Earlier today we started getting this error in
our FDS error log
> repeatedly. Obviously connections were being refused
at this point. I
> had to restart the directory server for the server to
function again.
> Prior to releasing this box into production I did set
the parameters
> according to the Installation guide specifications. The
output of
> "ulimit -n" is 8192. The output of "sysctl -p" is below.(I
increased
> fs.file-max from 64000)Does anything look off?
>
net.ipv4.tcp_syncookies = 1
> net.ipv4.tcp_keepalive_time = 300
>
fs.file-max = 128000
> net.ipv4.ip_local_port_range = 1024
65000
>
> I also changed the setting in the config from
>
nsslapd-maxdescriptors: 1024 to
> nsslapd-maxdescriptors:
8192
>
> Is there a way to tweak these settings so that this will
not happen in
> the future?
> This is a dedicated consumer or
read only replica.
> Directory size is roughly 20,000 users.
> We
are running FC9 and FDS 1.1.1-3.
> We are lacking in RAM but look to
improve on that shortly.
>
> I do see on the web past posts to
this list regarding this error, I am
> currently looking through
them. Is there anyone out there that has
> experienced this and gotten
past it?
>
> Thanks
> James
>
>
[25/Feb/2009:13:30:08 -0600] - Not listening for new connections -
too
> many fds open
> [25/Feb/2009:13:30:08 -0600] - Listening
for new connections again
> [25/Feb/2009:13:30:08 -0600] - Not listening
for new connections - too
> many fds open
>
[25/Feb/2009:13:30:08 -0600] - Listening for new connections again
Is
your client using windows OS? is there any posibilities that it could
be
virus replicating and distributing it self into networks?
If storing file
on domain/networks using FDS for authentication, the
frequently
authentication process should cause the "too many fds
open".
--
We are using all Linux clients. I would not think it
would be virus
related. This implementation is actually replacing
Windows.
This box is the authentication source for all the Linux
clients.
What effect if any does replication have on fds or file
descriptors..
Thanks
James
CONFIDENTIALITY
This e-mail
message and any attachments thereto, is intended only for
use by the
addressee(s) named herein and may contain legally privileged
and/or
confidential information. If you are not the intended recipient
of this
e-mail message, you are hereby notified that any
dissemination,
distribution or copying of this e-mail message, and any
attachments
thereto, is strictly prohibited. If you have received
this e-mail
message in error, please immediately notify the sender and
permanently
delete the original and any copies of this email and any prints
thereof.
ABSENT AN EXPRESS STATEMENT TO THE CONTRARY HEREINABOVE, THIS
E-MAIL IS
NOT INTENDED AS A SUBSTITUTE FOR A WRITING. Notwithstanding
the Uniform
Electronic Transactions Act or the applicability of any other
law of
similar substance and effect, absent an express statement to
the
contrary hereinabove, this e-mail message its contents, and
any
attachments hereto are not intended to represent an offer or
acceptance
to enter into a contract and are not otherwise intended to bind
the
sender, Sanmina-SCI Corporation (or any of its subsidiaries), or
any
other person or entity.
--
Fedora-directory-users mailing
list
Fedora-directory-users@redhat.comhttps://www.redhat.com/mailman/listinfo/fedora-directory-users