On Thu, Jul 30, 2009 at 3:25 AM, Balazs Scheidler
<bazsi@balabit.hu> wrote:
On Wed, 2009-07-29 at 11:22 -0400, Matt Pinkham wrote:
> For the last 24 hours on versions 2.0.4, 2.1.4, & 3.0.3 syslog-ng will
> stop taking new connections via a listening port every 100-110 minutes
> (aka it will hang up immediately). It will never recover on its own
> and has to be restarted. I haven't figured out the exact interval but
> hopefully that will be close enough to work with (note that the
> traffic is fairly low -- 10 mesgs/sec -- 500K-600K data/min). I had a
> program logging data locally via /dev/log into a named directory and
> then moved this program to a remote server. That remote server does
> not seem to be having an issue. I have observed this issue on two
> separate servers (RHEL4.Coolthat were taking this data feed. I have
> tried with flush_lines/sync & time_reopen commented out with no
> difference as well as log_fifo_size, log_mesg_size,so_recvbuf
> commented out. There are no obvious messages about why syslog-ng
> stops working (even with debug and verbose enabled). Note that these
> two servers (that stop working) are behind an Alteon 2424 switch
> (although I have other feeds to other servers working fine behind this
> switch). Ideas? Need more data?
does this mean that syslog-ng is closing the connection immediately? I
see only one reason that causes this: max_connections() limit is
reached.
try increasing max-connections()
Although this case is logged in syslog-ng's log.
--
Bazsi
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.campin.net/syslog-ng/faq.html