Internet gatekeeper for Linux - exhausting max. number of connections (pre_spawn)

hansemann

Hi there,

 

We are facing some issues with Internet Gatekeeper for Linux 4.07.3280. The error log of FSIGK HTTP daemon shows the following errors and users using the proxy complain about web pages not opening.

 

###ERROR### Maximum connections: warning: Client connections reached maximum connections(1250). More request will be blocked/rejected. If there is many warnings, please increase 'Maximum Connections' settings(pre_spawn value of fsigk.ini) of this service. (200 will be good value as start line).

 

We had the issue already some time ago and it was raised with F-Secure support. It was recommended to upgrade from 4.04 to 4.07 at this time but since we are running latest version of FSIGK for Linux we can just increase pre_spawn value further. Currently it has been increased to 2000 which is 10x the proposed value. The above connections has been created by an office of 10 users.

 

I know today's web browsers open a number of parallel streams but I can't imagine any of our users creating on average 125 simultaneous connections via HTTP/HTTPS.

 

Any recommendation would be appreciated.

 

Best regards,

Hans

 

 

 

 

Peter

My recommendation is to create a support ticket as troubleshooting similar issues requires more information to understand the problem ... and provide a solution or workaround.

If possible, attach the fsdiag file to your ticket created when the issue with the error "Maximum connections:warning" was occurring.

 

To create the fsdiag:

 

# cd /opt/f-secure/fsigk ; make diag

 

To create the support ticket, go here.

hansemann

Thanks, Peter. I have created a support ticket and provided the fsdiag as suggest. Will see what comes out from this.