Is it possible to configure php-fpm to listen on localhost:9000 (IP:PORT) instead of socket in Pfsense?
-
If yes, then please share the configuration guide.
-
That would be No.
You're referencing to an old thread mentioning even older software - versions that do not exists anymore.It's "2.4.4" these days.
Btw : the PHP config file isn't hard to find, if you are willing to dive under the hood.
This file is generated and recreated by the pfSense GUI, but you can force it to switch form a "socket" to an IP:port.
The nginx web server used for, among other, the GUI, will stop to work, of course. -
Why would you want to do this - do you think its fix for that thread from 3 years ago?
-
Actually, I am getting 502 bad gateway error frequently and at the latest version (2.4.4).
I explored around it and found IP:Port work better than the socket that why I wanted to give a try with this but no luck.
When I switch socket to ip:port it stops working and getting socket not found error.
-
Not sure where you would get the idea that ip:port works better than socket.. But ok.. Explains why you might want to try it out.. But if your getting 502 errors.. I find it hard to believe switching to ip:port would fix it.
-
What should I do to resolve 502 error, any suggestion?
I am using the latest version of Pfsense. -
I loved and would like to use Pfsense but 502 error and squid cache are frustrating me. as I am not able to completely disable squid cache for both HDD and RAM.
Please help me in resolving these issues.
If you have a commercial version of this then please let me know.
-
@bablu-kare If commercial version resolves both the issues.
-
@johnpoz What should I do to resolve 502 error, please suggest?
-
Most likely cause is that you are running your system out of RAM. You have not provided enough information to speculate about how/why that is happening.
-
Just a ques : remove squid and your "502" are gone, right ?
I'm running a plain vanilla pfSense 2.4.4, which means you and I have exactly the same software, and I never ever saw something that look like a 502.
Btw : your settings and mine are probably different. -
@jimp System has 16 GB RAM, with I5 ( 4core) CPU.
I think it's happening because of heavy load maybe, as I am using Pfsense for 80 Users.
Pfsense works fine for 1-2 hour after restarting PHP-PFM and after that throw 502 error in the browser when users access any sites.
-
I do remember something like this : squid is a mono core program. Better check this.
-
@gertjan I think, that is working fine for you because you are using that for the single machine.
-
@bablu-kare said in Is it possible to configure php-fpm to listen on localhost:9000 (IP:PORT) instead of socket in Pfsense?:
@gertjan I think, that is working fine for you because you are using that for the single machine.
16 Gb mem - 'old' Pentium quad core ..... (you're right, it's a single machine) 50 users max (captive portal users and company employees) and : no squid.
-
@gertjan Please suggest what and where should I check, because I've tried my level best to resolve this issue, but no luck.
-
@gertjan What should I do to use it for 80+ users?
Is there any commercial version of it?
-
16GB RAM should be OK unless the squid settings are set badly. You still haven't provided any details about what you're doing with squid specifically, or any other services on the firewall.
If you're using DNS over TLS, for example, you could be hitting a memory leak in Unbound. Or squid could be eating all the RAM. You need to collect more information about the state of the system when it's failing.
For example, connect over ssh and watch the output of
top -aSHand see what is using the most resources. -
Added to what @jimp said : if you see one ore more of the "php-fpm" eating up all processor(s) time, or your memory, your "502" issue is explained.
As said : to isolate the problem : ditch squid for the time being.
If, after some time, - 2 days or so, everything stays normal, you know where to focus your search.Btw : I'm mentioning "php" here, but it could be anything. More details are needed to say something more precis.
-
@jimp I think, lack of resources not causing this problem.
Here is the detail which services are running:
- Squid with LightSquid: just to monitor network traffic on HTTP/HTTPS only not for cache and filtering traffic.
- DNS as resolver
- Captive portal
- DHCP server
