Is it possible to configure php-fpm to listen on localhost:9000 (IP:PORT) instead of socket in Pfsense?
-
Not sure where you would get the idea that ip:port works better than socket.. But ok.. Explains why you might want to try it out.. But if your getting 502 errors.. I find it hard to believe switching to ip:port would fix it.
-
What should I do to resolve 502 error, any suggestion?
I am using the latest version of Pfsense. -
I loved and would like to use Pfsense but 502 error and squid cache are frustrating me. as I am not able to completely disable squid cache for both HDD and RAM.
Please help me in resolving these issues.
If you have a commercial version of this then please let me know.
-
@bablu-kare If commercial version resolves both the issues.
-
@johnpoz What should I do to resolve 502 error, please suggest?
-
Most likely cause is that you are running your system out of RAM. You have not provided enough information to speculate about how/why that is happening.
-
Just a ques : remove squid and your "502" are gone, right ?
I'm running a plain vanilla pfSense 2.4.4, which means you and I have exactly the same software, and I never ever saw something that look like a 502.
Btw : your settings and mine are probably different. -
@jimp System has 16 GB RAM, with I5 ( 4core) CPU.
I think it's happening because of heavy load maybe, as I am using Pfsense for 80 Users.
Pfsense works fine for 1-2 hour after restarting PHP-PFM and after that throw 502 error in the browser when users access any sites.
-
I do remember something like this : squid is a mono core program. Better check this.
-
@gertjan I think, that is working fine for you because you are using that for the single machine.
-
@bablu-kare said in Is it possible to configure php-fpm to listen on localhost:9000 (IP:PORT) instead of socket in Pfsense?:
@gertjan I think, that is working fine for you because you are using that for the single machine.
16 Gb mem - 'old' Pentium quad core ..... (you're right, it's a single machine) 50 users max (captive portal users and company employees) and : no squid.
-
@gertjan Please suggest what and where should I check, because I've tried my level best to resolve this issue, but no luck.
-
@gertjan What should I do to use it for 80+ users?
Is there any commercial version of it?
-
16GB RAM should be OK unless the squid settings are set badly. You still haven't provided any details about what you're doing with squid specifically, or any other services on the firewall.
If you're using DNS over TLS, for example, you could be hitting a memory leak in Unbound. Or squid could be eating all the RAM. You need to collect more information about the state of the system when it's failing.
For example, connect over ssh and watch the output of
top -aSHand see what is using the most resources. -
Added to what @jimp said : if you see one ore more of the "php-fpm" eating up all processor(s) time, or your memory, your "502" issue is explained.
As said : to isolate the problem : ditch squid for the time being.
If, after some time, - 2 days or so, everything stays normal, you know where to focus your search.Btw : I'm mentioning "php" here, but it could be anything. More details are needed to say something more precis.
-
@jimp I think, lack of resources not causing this problem.
Here is the detail which services are running:
- Squid with LightSquid: just to monitor network traffic on HTTP/HTTPS only not for cache and filtering traffic.
- DNS as resolver
- Captive portal
- DHCP server
-
Without details, what you think is the cause does not matter. Find evidence.
-
I'll collect the details and come back with it.
Thanks for your time and suggestion! -
You might try increasing the available php process in System > Advanced > Admin Access.
Set max processes to something higher, try 4 to start.
However is something is hanging the available php processes this may only delay the errors.Steve
