From: Julian Elischer
Date: Thu, 01 Aug 2013 11:59:13 +0800
To: freebsd-hackers@freebsd.org
Subject: Re: Stacking lots of IP's on a single box - any 'gotchas'?
Message-ID: <51F9DD11.1020606@freebsd.org>
References: <34C668004A0D654205D0516B@Mail-PC.tdx.co.uk> <20130731202722.GA11852@night.db.net>
In-Reply-To: <20130731202722.GA11852@night.db.net>

On 8/1/13 4:27 AM, Diane Bruce wrote:
> On Wed, Jul 31, 2013 at 11:47:02PM +0400, Sergey Kandaurov wrote:
>> On 31 July 2013 13:37, Karl Pielorz wrote:
>>> Hi,
>>>
>>> We've got a number of boxes we'd like to consolidate - this could mean
>>> upward of 1,500 IP's on a single box (9.1 amd64).
>>>
>>> Last time we did anything like this we hit an issue at around 900 (ntpd
>>> 'binds' by default to all available IP's - I think we had a workaround for
>>> that).
>>>
>> This is because select() has a limit on FD_SETSIZE (1024).
>> If it tries to select > 1024 fds, bad things could happen.
>> Newer ntpd (not in base) has a feature to bind only to the specific
>> interface; this was used to run ntpd on boxes with > 1200 IPs on 1 i/face.
> I can tell you from experience that FreeBSD has no problems at all selecting
> on more than 1024 fds. In fact, this is what I would suggest you do.
> Your limit then is going to be the number of anonymous ports on each
> IP. Figure 32000 or so to be conservative; that's more than what you need.

Once again, I ask: why do you want to do this? If you just want to respond
to a small number of ports on multiple addresses, there are easier ways to
do this with a single socket.

>
>
>>> But is there any hard limit we're likely to encounter putting so many IP's
>>> on a single machine? - Are there any limits that would likely need tuning to
>>> support that many IP's?
>>>
>> Unlikely, besides those unrelated things like ntpd+select() et al.
>>
>> --
>> wbr,
>> pluknet
> - Diane
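
Added example (not part of the original thread, and not ntpd's code): the FD_SETSIZE point quoted above comes from fd_set being a fixed-size bitmap, so setting a descriptor numbered FD_SETSIZE or higher in a default-sized set writes outside it. The sketch guards FD_SET() and shows a poll()-based wait that has no such bound; the names guarded_fd_set and wait_readable are hypothetical, and the pipe in main() is constructed sample input.

```c
#include <poll.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/select.h>
#include <unistd.h>
/* An fd_set is a bitmap of FD_SETSIZE bits: refuse any fd that does not
 * fit rather than let FD_SET() write outside the set. */
int guarded_fd_set(int fd, fd_set *set)
{
    if (fd < 0 || fd >= FD_SETSIZE)
        return -1;
    FD_SET(fd, set);
    return 0;
}

/* poll() takes an array, so fd values and count are not bounded by FD_SETSIZE.
 * Marks ready[i] per readable fds[i]; returns their count, -1 on error. */
int wait_readable(const int *fds, size_t nfds, int timeout_ms, unsigned char *ready)
{
    struct pollfd *p = calloc(nfds ? nfds : 1, sizeof *p);
    if (p == NULL)
        return -1;
    for (size_t i = 0; i < nfds; i++) {
        p[i].fd = fds[i];
        p[i].events = POLLIN;
        ready[i] = 0;
    }
    int n = poll(p, (nfds_t)nfds, timeout_ms);
    int count = 0;
    for (size_t i = 0; n > 0 && i < nfds; i++) {
        ready[i] = (p[i].revents & (POLLIN | POLLHUP)) != 0;
        count += ready[i];
    }
    free(p);
    return n < 0 ? -1 : count;
}

int main(void)
{
    int pfd[2];                 /* constructed sample input: one pipe */
    unsigned char ready[1];
    fd_set set;
    FD_ZERO(&set);
    if (pipe(pfd) != 0 || write(pfd[1], "x", 1) != 1)
        return 1;
    printf("rejected=%d readable=%d\n", guarded_fd_set(FD_SETSIZE, &set) == -1,
           wait_readable(pfd, 1, 0, ready));
    return 0;
}
```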