From d94ff2fae57f9d9ef58d6bed35fbd308474adad8 Mon Sep 17 00:00:00 2001 From: Adam Dickmeiss Date: Tue, 14 Oct 2003 13:48:54 +0000 Subject: [PATCH] More config file documentation. Mention ulimit --- doc/proxy.xml | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 80 insertions(+), 6 deletions(-) diff --git a/doc/proxy.xml b/doc/proxy.xml index 2e26476..051e0fb 100644 --- a/doc/proxy.xml +++ b/doc/proxy.xml @@ -289,7 +289,6 @@ <?xml version="1.0"?> - <!-- $Id --> <proxy> <!-- content here .. --> </proxy> @@ -347,15 +346,25 @@ bandwidth and pdu. The bandwidth is the maximum total bytes transferred to/from the target. If a target session exceeds this - amount it is shut down (and no longer kept alive). + limit, it is shut down (and no longer kept alive). The pdu is the maximum number of requests sent - to the target. If a target session exceeds this amount it is + to the target. If a target session exceeds this limit, it is shut down. The idea of these two limits is that avoid very long - sessions that eat resources in a backend (that leaks!). + sessions that use resources in a backend (that leaks!). + + + The following sets maximum number of bytes transferred in a + target session to 1 MB and maxinum of requests to 400. + + <keepalive> + <bandwidth>1048576</bandwidth> + <retrieve>400</retrieve> + </keepalive> +
- Configuration:limit + Configuration: limit The limit section specifies bandwidth/pdu requests limits for an active session. @@ -374,6 +383,22 @@ limit is to ensure that clients that downloads hundreds or thousands of records do not hurt other users. + + The following sets maximum number of bytes transferred per minute to + 500Kbytes and maximum number of requests to 40. + + <limit> + <bandwidth>524288</bandwidth> + <retrieve>40</retrieve> + </limit> + + + + + Typically the limits for keepalive are much higher than + those for session minute average. + +
@@ -381,11 +406,28 @@ The attribute element specifies accept or reject or a particular attribute type, value pair. + Well-behaving targets will reject unsupported attributes on their + own. This feature is useful for targets that do not gracefully + handle unsupported attributes. + + + Attribute elements may be repeated. The proxy inspects the attribute + specifications in the order as specified in the configuration file. + When a given attribute specification matches a given attribute list + in a query, the proxy takes appropriate action (reject, accept). - The attribute has two required attributes: + If no attribute specifications matches the attribute list in a query, + it is accepted. + + + The attribute element has two required attributes: type which is the Attribute Type-1 type, and value which is the Attribute Type-1 value. + The special value/type * matches any attribute + type/value. A value may also be specified as a list with each + value separated by comma, a value may also be specified as a + list: low value - dash - high value. If attribute error is given, that holds a @@ -396,6 +438,14 @@ If attribute error is not given, the attribute type, value is accepted and passed to the backend target. + + A target that supports use attributes 1,4, 1000 through 1003 and + no other use attributes, could use the following rules: + + <attribute type="1" value="1,4,1000-1003"> + <attribute type="1" value="*" error="114"/> + +
@@ -444,6 +494,10 @@ target and specifies the amount in seconds before a target session is shut down. + + This can also be specified on the command line bt using option + -T. Refer to . +
@@ -452,6 +506,10 @@ The element client-timeout is the child of element target and specifies the amount in seconds before a client session is shut down. + + + This can also be specified on the command line by using option + -i. Refer to .
@@ -477,6 +535,22 @@ allowed connections to targets (all targets). If this limit is reached the proxy will close the least recently used connection. + + Note, that many Unix systems impose a system on the number of + open files allowed in a single process, typically in the + range 256 (Solaris) to 1024 (Linux). + The proxy uses 2 sockets per session + a few files + for logging. As a rule of thumb, ensure that 2*max-clients + 5 + can be opened by the proxy process. + + + + Using the + bash shell, you can set the limit with + ulimit -nno. + Use ulimit -a to display limits. + + -- 1.7.10.4