increase socket and solve squid error

  • I have an IBM System x3250 server 2.40GHZ M3 20GB memory, running pfsense 2.4.3 squid 3.5.27 and Squidguard, I use in a network with 900 users. I'm trying to make the performance better to support the amount of users trying to fix the errors, does anyone have any tips to fix the errors below?

    I get alerts sonewconn: pcb 0xfffff8013eb5aa50: Listen queue overflow: 8 already in queue awaiting acceptance (9 occurrences) I discovered it was the SAMBA4 that I use in pfsense to authenticate Squid with Active Directory
    I already changed the parameter kern.ipc.soacceptqueue = 4096
    (qlen / incqlen / maxqlen)
    Proto Listen Local Address
    tcp4 0/0/4096
    tcp4 110/0/4096

    but the problem still persists.

    The socket of this process is small Does anyone have any tips on how to increase the number 5 below?
    [2.4.3-RELEASE][root@proxy/root: netstat -Lan | grep winbind
    unix 0/0/5 /var/db/samba4/winbindd_privileged/pipe
    unix 0/0/5 /var/run/samba4/winbindd/pipe

    squid cache log
    ERROR: Error while resolving hostname with getaddrinfo: Name or service
    not known

  • It could be too many open files With unix, "everything is a file", this includes sockets. You either need to increase the max open files with ulimit for the user, or possibly in the kernel as well (/proc/sys/fs/file-max). You could also play with the amount of time spent in TIME_WAIT with /proc/sys/net/ipv4/tcp_fin_timeout. Hope this will help you to troubleshoot the issue.

  • @harrybells Resolved tks

  • @harrybells said in increase socket and solve squid error:

    o many open files With uni

    Hi Harrybells,
    where the parameters /proc/sys/net/ipv4/tcp_fin_timeout are changed?
    In my pfsense I don't have the folder /proc/sys

    Thanks in advance

Log in to reply