Solaris Platform-Specific Issues

This section discusses miscellaneous Solaris Platform-specific issues and tuning tips, and includes the following topics:

• Files Open in a Single Process (File Descriptor Limits)

• Failure to Connect to HTTP Server

• Connection Refused Errors

• Tuning TCP Buffering

Files Open in a Single Process (File Descriptor Limits)

Different platforms each have limits on the number of files that can be open in a single process at one time. For busy sites, increase that number. On Solaris systems, control this limit by setting rlim_fd_max in the /etc/system file. For Solaris 8, the default is 1024, which you can increase to 65536. For Solaris 9 and 10, the default is 65536, which does not need to be increased.

After making this or any change in the /etc/system file, reboot Solaris to put the new settings into effect. In addition, if you upgrade to a new version of Solaris, remove any line added to /etc/system and add it again only after verifying that it is still valid.

An alternative way to make this change is using the ulimit –n "value" command. Using this command does not require a system restart. However, this command only changes the login shell, while editing the etc/system file affects all shells.

Failure to Connect to HTTP Server

If users are experiencing connection time-outs from a browser to Proxy Server when the server is heavily loaded, you can increase the size of the HTTP listener backlog queue. To increase this setting, edit the HTTP listener's listen queue value.

In addition to this setting, you must also increase the limits within the Solaris TCP/IP networking code. There are two parameters that are changed by executing the following commands:

/usr/sbin/ndd -set /dev/tcp tcp_conn_req_max_q 8192
/usr/sbin/ndd -set /dev/tcp tcp_conn_req_max_q0 8192

These two settings increase the maximum number of two Solaris listen queues that can fill up with waiting connections. tcp_conn_req_max_q increases the number of completed connections waiting to return from an accept() call. tcp_conn_req_max_q0 increases the maximum number of connections with the handshake incomplete. The default values are 128 and 1024, respectively. To automatically have these ndd commands executed after each system reboot, place them in a file called /etc/init.d/network-tuning and create a link to that file named /etc/rc2.d/S99network-tuning.

You can monitor the effect of these changes by using the netstat -s command and looking at the tcpListenDrop, tcpListenDropQ0, and tcpHalfOpenDrop values. Review them before adjusting these values. If the parameters are not set to zero, adjust the value to 2048 initially, and continue to monitor the netstat output.

The Proxy Server HTTP listener's listen queue setting and the related Solaris tcp_conn_req_max_q and tcp_conn_req_max_q0 settings are meant to match the throughput of the Proxy Server. These queues act as a "buffer" to manage the irregular rate of connections coming from web users. These queues allow Solaris to accept the connections and hold them until they are processed by the Proxy Server.

Do not accept more connections than the Proxy Server is able to process. Instead, limit the size of these queues and reject further connections than to accept excess connections and fail to service them. The value of 2048 for these three parameters typically reduces connection request failures, and improvement has been seen with values as high as 4096.

This adjustment is not expected to have any adverse impact in any web hosting environment, so you can consider this suggestion even if your system is not showing the symptoms mentioned.

Connection Refused Errors

If users are experiencing connection refused errors on a heavily loaded server, you can tune the use of network resources on the server.

When a TCP/IP connection is closed, the port is not reused for the duration of tcp_time_wait_interval (default value of 240000 milliseconds). This is to ensure that there are no leftover segments. The shorter the tcp_time_wait_interval, the faster precious network resources are again available. This parameter is changed by executing the following command. Do not reduce the parameter below 60000

/usr/sbin/ndd -set /dev/tcp tcp_time_wait_interval 60000

To automatically have this ndd command executed after each system reboot, place it in a file called /etc/init.d/network-tuning and create a link to that file named /etc/rc2.d/S99network-tuning.

If your system is not exhibiting the symptoms mentioned, and if you are not well-versed in tuning the TCP protocol, do not change the above parameter.

Tuning TCP Buffering

If you are seeing unpredictable intermittent slowdowns in network response from a consistently loaded server, investigate setting the sq_max_size parameter by adding the following line to the /etc/system file:

set sq_max_size=512

This setting adjusts the size of the sync queue, which transfers packets from the hardware driver to the TCP/IP protocol driver. Using the value of 512 allows the queue to accommodate high volumes of network traffic without overflowing.