On 02/22/16 18:46, Andrew Fresh wrote:
On Sat, Feb 20, 2016 at 08:06:57PM +0100, Federico Giannici wrote:
In a server (OpenBSD amd64 5.7) with many concurrent perl programs that have
to open a lot of SSH connections, I get many errors like this:
connect() on closed socket GEN136 at
/usr/local/libdata/perl5/site_perl/Net/SSH/Perl.pm line 216.
Maybe at some point no more sockets can be opened because of some limit is
reached?
I already tried to set these in sysctl.conf:
kern.maxfiles=20000
kern.somaxconn=1024
Since you don't provide much information about how many simultaneous
connections you are making or how many you are making per-second, it's
really hard to guess what might be going on.
However, the maxfiles limit here may give some indication to the amount
so my guess is that you are hitting the pf state limit. The default
state purging interval is 10 seconds, and the default state limit is
10,000 states. I'd suggest looking at the output of pfctl -si when
you're having the issue.
$ doas pfctl -sa | grep -e ^states -e interval
interval 10s
states hard limit 10000
(note that I don't actually have an OpenBSD 5.7 machine, so these
numbers may not have been the same back then)
I already raised the limit of PF states.
Thanks anyway...
