Updating OpenBSD section of doc/TUNING.
This commit is contained in:
rl1987
parent
aba90b2125
commit
aa4f773670
71
doc/TUNING
71
doc/TUNING
|
|
@ -38,62 +38,41 @@ read-only on OS X.
|
|||
OpenBSD
|
||||
-------
|
||||
|
||||
For recent versions of OpenBSD (5.5 and 5.6, and probably older releases
|
||||
as well), the maximum number of file descriptors that can be opened is
|
||||
7030:
|
||||
Because OpenBSD is primarily focused on security and stability, it uses default
|
||||
resource limits stricter than those of more popular Unix-like operating systems.
|
||||
|
||||
http://unix.stackexchange.com/questions/104929/does-openbsd-have-a-limit-to-the-number-of-file-descriptors/104948#104948
|
||||
OpenBSD stores a kernel-level file descriptor limit in the sysctl variable
|
||||
kern.maxfiles. It defaults to 7,030. To change it to, for example, 16,000 while
|
||||
the system is running, use the command 'sudo sysctl kern.maxfiles=16000'.
|
||||
kern.maxfiles will reset to the default value upon system reboot unless you also
|
||||
add 'kern.maxfiles=16000' to the file /etc/sysctl.conf.
|
||||
|
||||
The maximum number of file descriptors that an OpenBSD machine can have
|
||||
open is stored in the sysctl variable kern.maxfiles. This value defaults
|
||||
to 7030 - to verify this, run sysctl kern.maxfiles.
|
||||
There are stricter resource limits set on user classes, which are stored in
|
||||
/etc/login.conf. This config file also allows limit sets for daemons started
|
||||
with scripts in the /etc/rc.d directory, which presumably includes Tor.
|
||||
|
||||
To immediately change a running system's file descriptor limit to, for
|
||||
example, 20,000 files, run sudo sysctl kern.maxfiles=20000. All sysctl
|
||||
variables are reset upon reboot using defaults and /etc/sysctl.conf, so
|
||||
to make your change permanent you must add the line kern.maxfiles=20000
|
||||
to /etc/sysctl.conf.
|
||||
|
||||
One can also change a maximum number of allowed file descriptors for Tor
|
||||
daemon alone by editing /etc/rc.d/tor and adding the following lines:
|
||||
To increase the file descriptor limit from its default of 1,024, add the
|
||||
following to /etc/login.conf:
|
||||
|
||||
tor:\
|
||||
:openfiles-max=8192:\
|
||||
:tc=daemon:
|
||||
:openfiles-max=13500:\
|
||||
:tc=daemon:
|
||||
|
||||
However, there are stricter limits set on users. This is a security
|
||||
feature intended to prevent one user from choking out others by opening
|
||||
all possible file descriptors.
|
||||
Upon restarting Tor, it will be able to open up to 13,500 file descriptors.
|
||||
|
||||
The stricter limits are set in /etc/login.conf. This config file sets
|
||||
resource access rules for user classes. You should be running
|
||||
Tor as a non-privileged daemon user '_tor', which belongs to the 'daemon'
|
||||
class. It will therefore be subject to the 'default' and 'daemon' rules.
|
||||
There are two relevant rules: openfiles-cur and openfiles-max. The prior
|
||||
is the initial limit upon login - the soft limit. The latter is the maximum
|
||||
limit that can be set using 'ulimit -n' or setrlimit() without editing
|
||||
/etc/login.conf and rebooting. This is known as the hard limit.
|
||||
This will work *only* if you are starting Tor with the script /etc/rc.d/tor. If
|
||||
you're using a custom build instead of the package, you can easily copy the rc.d
|
||||
script from the Tor port directory. Alternatively, you can ensure that the Tor's
|
||||
daemon user has its own user class and make a /etc/login.conf entry for it.
|
||||
|
||||
Without editing /etc/login.conf, daemon-owned processes have
|
||||
soft limit of 512 open files and a hard limit of 1024 open files.
|
||||
Tor can increase the soft limit as needed, so you will therefore
|
||||
eventually get warnings about running out of available file descriptors
|
||||
once Tor reaches ~1024 open files.
|
||||
High-bandwidth relays sometimes give the syslog warning:
|
||||
|
||||
To increase the hard limit, add the following line to the daemon class
|
||||
rules in /etc/login.conf:
|
||||
/bsd: WARNING: mclpools limit reached; increase kern.maxclusters
|
||||
|
||||
tor:\
|
||||
:openfiles-max=8192:\
|
||||
:tc=daemon:
|
||||
|
||||
Upon restarting the machine, Tor will be able to open up to 6500 file
|
||||
descriptors.
|
||||
|
||||
Be aware that, by doing this, you are bypassing a security and stability
|
||||
feature of the OS. If you are running your relay on a weak or old system,
|
||||
watch your system load to ensure that it can handle this many open files.
|
||||
Also, Tor may interfere with any other programs that open many files.
|
||||
In this case, increase kern.maxclusters with the sysctl command and in the file
|
||||
/etc/sysctl.conf, as described with kern.maxfiles above. Use 'sysctl
|
||||
kern.maxclusters' to query the current value. Increasing by about 15% per day
|
||||
until the error no longer appears is a good guideline.
|
||||
|
||||
Disclaimer
|
||||
----------
|
||||
|
|
|
|||
Loading…
Reference in New Issue