OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: New document: STRESS_README

From: Wietse Venema (wietseporcupine.org)
Date: Tue Oct 30 2007 - 10:46:10 CDT


Andreas Grimm:
> Hello Wietse,
>
> the problem is that, as far as i know, /proc/sys/fs/file-max limits
> the total open files for all processes. The open files per process

It's just a number in the kernel. I expect that the kernel no longer
uses statically allocated memory for open files and sockets. So you
should be able to specify other limits at boot time if not at runtime.

        Wietse

> is limited in the shown kernel headers. I think the problem is
> anvil. Every smptd process has a connection to anvil, and every
> connection is a file. Because of the per process limit anvil,
> which is a single process, stops the service. So /proc/sys/fs/file-max
> won't help here. Is there a way to turn off anvil in such stress
> situations (i.e. when there are more than 800 connections)? It
> might help.
> BTW:
> I'm using Suse Linux Enterprise Server. The file-max limit is set to 1575439.
>
> Andreas
>
> Wietse Venema <wietseporcupine.org> wrote: Andreas Grimm:
> > Hello postfix-users,
> >
> > maybe a short note for the linux users, because even after i
> > applied the stress tips from Wietse, the server was slow. So i
> > tried to run more processes and experienced problems running more
> > than 900 simultaneously processes of smptd. I saw something like
> ....
> [edit include/linux/fs.h, include/linux/limits.h, recompile kernel]
>
> Are you sure this could not be achieved with sysctl commands, or
> with "echo something >/proc/mumble"? See also the hints and tips
> in http://www.postfix.org/TUNING_README.html#file_limit
>
> The information in that file may be outdated, especially with
> respect to echoing stuff intro /proc. Updates are welcome.
>
> Wietse
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com