TUNING 3.3 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485
  1. Most operating systems limit an amount of TCP sockets that can be used
  2. simultaneously. It is possible for a busy Tor relay to run into these
  3. limits, thus being unable to fully utilize the bandwidth resources it
  4. has at its disposal. Following system-specific tips might be helpful
  5. to alleviate the aforementioned problem.
  6. Linux
  7. -----
  8. Use 'ulimit -n' to raise an allowed number of file descriptors to be
  9. opened on your host at the same time.
  10. FreeBSD
  11. -------
  12. Tune the following sysctl(8) variables:
  13. * kern.maxfiles - maximum allowed file descriptors (for entire system)
  14. * kern.maxfilesperproc - maximum file descriptors one process is allowed
  15. to use
  16. * kern.ipc.maxsockets - overall maximum numbers of sockets for entire
  17. system
  18. * kern.ipc.somaxconn - size of listen queue for incoming TCP connections
  19. for entire system
  20. See also:
  21. * https://www.freebsd.org/doc/handbook/configtuning-kernel-limits.html
  22. * https://wiki.freebsd.org/NetworkPerformanceTuning
  23. Mac OS X
  24. --------
  25. Since Mac OS X is BSD-based system, most of the above hold for OS X as well.
  26. However, launchd(8) is known to modify kern.maxfiles and kern.maxfilesperproc
  27. when it launches tor service (see launchd.plist(5) manpage). Also,
  28. kern.ipc.maxsockets is determined dynamically by the system and thus is
  29. read-only on OS X.
  30. OpenBSD
  31. -------
  32. Because OpenBSD is primarily focused on security and stability, it uses default
  33. resource limits stricter than those of more popular Unix-like operating systems.
  34. OpenBSD stores a kernel-level file descriptor limit in the sysctl variable
  35. kern.maxfiles. It defaults to 7,030. To change it to, for example, 16,000 while
  36. the system is running, use the command 'sudo sysctl kern.maxfiles=16000'.
  37. kern.maxfiles will reset to the default value upon system reboot unless you also
  38. add 'kern.maxfiles=16000' to the file /etc/sysctl.conf.
  39. There are stricter resource limits set on user classes, which are stored in
  40. /etc/login.conf. This config file also allows limit sets for daemons started
  41. with scripts in the /etc/rc.d directory, which presumably includes Tor.
  42. To increase the file descriptor limit from its default of 1,024, add the
  43. following to /etc/login.conf:
  44. tor:\
  45. :openfiles-max=13500:\
  46. :tc=daemon:
  47. Upon restarting Tor, it will be able to open up to 13,500 file descriptors.
  48. This will work *only* if you are starting Tor with the script /etc/rc.d/tor. If
  49. you're using a custom build instead of the package, you can easily copy the rc.d
  50. script from the Tor port directory. Alternatively, you can ensure that the Tor's
  51. daemon user has its own user class and make a /etc/login.conf entry for it.
  52. High-bandwidth relays sometimes give the syslog warning:
  53. /bsd: WARNING: mclpools limit reached; increase kern.maxclusters
  54. In this case, increase kern.maxclusters with the sysctl command and in the file
  55. /etc/sysctl.conf, as described with kern.maxfiles above. Use 'sysctl
  56. kern.maxclusters' to query the current value. Increasing by about 15% per day
  57. until the error no longer appears is a good guideline.
  58. Disclaimer
  59. ----------
  60. Do note that this document is a draft and above information may be
  61. technically incorrect and/or incomplete. If so, please open a ticket
  62. on https://gitlab.torproject.org or post to tor-relays mailing list.
  63. Are you running a busy Tor relay? Let us know how you are solving
  64. the out-of-sockets problem on your system.