On Mon, 19 Sep 2005, Paul P Komkoff Jr wrote:
squid configure scripts are checking MAXFD at the time of
compilation. Many systems today limiting user's usage of fds to
1024 (or even less).
In particular, one of these systems is Fedora.
Correct.
Fedora's build system working in chroot, under "casual" user. So,
standard squid packages got built with fd limit = 1024. This may be
enough for single user setup, but definitely not for 1200 hosts
behind.
1024 is good for most setups.
IMHO larger setups ought to build their own binaries anyway, if not for
filedescriptors then to benefit from the fixes of later releases and
a lot easier to track problems.
And right now, redhat guy gave me this "nice" answer:
------- Additional Comments From [EMAIL PROTECTED] 2005-09-19 04:13 EST -------
Please, route this issue to upstream, http://www.squid-cache.org/ and file the
request here. I don't want to change this default value for Fedora only. And If
you have to manage a large site, you surely don't use the default values but you
do some tuning.
Squid does intentionally pick up the system limits automatically, both
when the binary is built and also when it is started.
We can add a configure option to allow the user building the binary to
override the system defaults, but this will still require a
per-distribution decision on what limit to use and is not much different
from todays method of picking up the ulimit settings when configure is
run.
Definitely I'm doing some tuning! I'm rebuilding it myself and blocking
upstream updates for this package. Maybe it's not only me who doing same
extra work.
Chances are very high you would still need to do this even if we did the
above, for the simple reason that RedHat is unlikely to decide on anything
else than 1024.
How we can fix this on the squid side (if redhad side proven itself so
stupid)? Maybe, set default minimum for linux to 16384?
By policy we won't go above the ulimit settings (no well-behaved process
should), which on nearly all systems is 1024 filedescriptors unless manual
tuning is applied.
In the long term we hope to get rid of the dependency on the built-time
limit, only relying on the ulimit when Squid is started. There still
remains a bit of work for this however (delay pools and a few other items
depends on the build time limit).
Regards
Henri
