1.6 Million IP Connections on FreeBSD

An anonymous reader writes "FreeBSD developer Terry Lambert, in a recent posting to the 'freebsd-hackers' mailing list, mentioned that he'd tuned a FreeBSD 4.4 box with 4GB of RAM to achieve 1,603,127 simultaneous IP connections, and goes on to say: 'As far as I know, I hold the single machine connection record for an x86 box.' This is an impressive achievement any way you look at it (though it begs the question of whether or not the box had any resources left to actually do anything with those connections...), and it speaks well of both FreeBSD's capabilities and Terry's skills and knowledge. I'm curious, though, if anyone has approached, matched, or exceeded that number elsewhere?"

Alternative Headline:

[leviramsey]

*BSD handles 1.6 million connections without dying.

Re:Alternative Headline:

[Directrix1]

The real question here is what is the other machine he was connecting too. Man that sucker must be one bad ass mother.

Re:No need to beg.

[remou]

sweet...:-)

as a non native english speaker I had
no bloody clue about the correct use of
begging the question...

thanx

remosito

Re:No need to beg.

[NDPTAL85]

I want food, water and air. Now show me how to get along without those.

Re:No need to beg.

[Tesseract]

1. deprive yourself of food, air, and water
2. ?????
3. PROFIT

Re:No need to beg.

[NDPTAL85]

ROFL

Re:No need to beg.

[DAldredge]

No one on slashdot uses that phrase correctly just like everyone on /. thinks alot is a word.

You can't win. Just give up, you will live longer.

Re:No need to beg.

[Arnold_Crenshaw]

Insightful, yes.

But what of the idealists? Perhaps we don't care how long we live, but just to spread the truth! (e.g., that conventions are found in a dictionary, but ignored out of arrogance.)

This has its problems, of course. For example, how do you really know if you get through to someone? And then, after a while, should you care at all? If you question someone, you are consistently attacked for being hubristic; when in reality you really can't fathom what they're thinking, yet they know they know everything.

There's a point at which clear speech doesn't work anymore, but establishing clarity goes a long way to extending its possibilities. Sarcasm, meta-funny jokes, and textbook "trolling" can make anything mean anything else. Acknowlegding this is the first step in making one's intent clear. But how do you make people desire clarity? I sure as hell don't know.

Perhaps unfortunately, I can't help but realize that people are wrong most of the time (I think slashdot is fairly representative of real life s:n, believe it or not). That's what I know. I know very little else.

If everything were not a personal attack on someone's faith in their own knowledge (which is humourous: they proclaim to posess the knowledge, yet refuse to show it for fear of being proven wrong, yet defend it anyway), then... well, that would be love.

Re:No need to beg.

[Phantasmo]

No matter how much you drag your feet, you won't be able to stop English from evolving.

Don't worry, though - it happens to alot of languages. ;)

sure

[pizza_milkshake]

my webhosting box does twice that during peak hours, but then i'm hosting free porn so it doesn't count ;)

What's your IP? - Re:sure

[pbulteel73]

Maybe I've visited...

Re:sure

[tigga]

my webhosting box does twice that during peak hours, but then i'm hosting free porn so it doesn't count ;)

It was not quantity of pages served - it was amount of concurrent opened connections to box.

Re:sure

[pizza_milkshake]

yeah, i know.

TGP?

[phorm]

I know what TGP references for content, but what does that particular abbreviation stand for? Looking it up in google brings a lot of content links, but no definitions.

Prove it...

[aridhol]

Post the address of that box here. We'll give it a real stress test.

Intellectual Property connections?

[merlyn]

That's a lot of connections to the intellectual property of others. Perhaps he should get a lawyer.

"What kind of artist are you?"

"I'm a 'Prior Artist'."

More Interesting

[mnmn]

What has been tested is simply the number of concurrent connections. More practical would be simple retrieving of say 1kb data from a database and printing it out on a very simple HTML, and checking the maximum number of THESE connections. In effect trying to really httpblast DDoS style the FreeBSD with sheer number of connections. The box will have to be massive with 4GB RAM at least (we're testing OS here not hardware) and the connection maybe (multiple?) gigabit ethernet. The result would theoretically be lower than 1.6 million but we need to show FreeBSD can scale in practical tests like these. Results from a test like that will have the power to change vendors' minds from trying to run IIS and MS SQL for a high volume site.

Re:More Interesting

[hfastedge]

theres no point in the mysql test on top of the ip test, it then becomes even moreso a pure kernel test (eg scheduler/vm....), plenty of which have been done.

But i do think that serving out 1k of html would make the test a bit more solid.

Id be interested, given this narrow field thats being tested on how linux would hold up under the same tweaking, and what tweaking exactly that would require as compared to the freebsd (yes its probably trivial, but im just curious).

Re:More Interesting

[wabb1t]

Great! There were rumours that FreeBSD was still being used at Hotmail, and this seems like possible proof.

Now if we could only see some actual hotmail pages served by that machine...

Re:More Interesting

[bigberk]

Wow! 64.4.22.23 is a Microsoft hotmail.com server and it does appear to be running Apache on a BSD server.

Re:More Interesting

[DotComVictim]

The test you propose is not a more interesting test. It is simply a different test.

The original test is designed to stress the theoretical maximum number of connections, which exercises the network stack, in particular the pcb hashing mechanisms and multiple IP address handling.

The test you propose is a real world scalability test, which has a much different purpose.

"Connections" -- ?

[brianjcain]

What are IP "Connections"? AFAIK, the transport layers can have connections, but not the network layer. IP has datagrams. I did RTFA, but there's not a whole lot of context in that message, and I was too lazy to go read the whole thread. Are they just talking about TCP connections, or what?

Re:"Connections" -- ?

[cperciva]

You evidently didn't RTFA carefully enough -- the subject line ("max simultaneous TCP connections") should have been a giveaway.

Re:"Connections" -- ?

[brianjcain]

I'll be danged. Sure enough, there it is. I sit corrected.

FreeBSD is dying

[mcgroarty]

...to take on heavy server loads.

Re:Bahhh.

[tigga]

This is just something else Apple will steal from the BSD'ers.

You can't steal anything that already free.

Re:Bahhh.

[Arandir]

This is just something else Apple will steal from the BSD'ers.

There once has a fabulous apple tree. No matter how many apples one would take from it, there were just as many as before! When this was heard by the villagers they all rushed to the apple tree and took apples. But no matter how many they took, there were just as many apples as before. But some of them came and took apples and locked them within a chest, so that none could steal them. And they laughed at the other villagers, saying, "Look, they do not protect their apples. Surely a thief will come and steal them."

IP Limit

[chadruva]

What did happen to the *BSD Box when reached the 1.6 millon of connections?, did he dyed?, did it just stoped accepting connections due low resources? why he wasn't able to pass the 1.6millon of IP connections when we can count as much 4294967296 differen IPs for a network?

Re:IP Limit

[phorm]

Maybe that's just how many incoming connections there were? It doesn't state that this was the possible limit, just that it's a high number he reached.

Nevermind that...

[gomerbud]

I would like to claim that I have the world record for a one minute load average on a FreeBSD machine.

http://gomerbud.com/daver/computing/top.asc [gomerbud.com]

Any contenders?

Re:Nevermind that...

[drsmithy]

We had a quad-Xeon FreeBSD machine sit on a load of over 900 (can't remember the exact number, but it was over 900) for about 16 hours because of some runaway scripts.

And it was still responsive enough so that the only report from the end users (a student lab of about 400 machines) was "the network seems a little slow today..."

Re:Nevermind that...

[MrChuck]

It's easy:
Take a busy machine that's mounting, say, email boxes via NFS.
Turn off the NFS server (or just wait for your P.O.S. EMC to crash

Wait a moment or three as it becomes unresponsive.

Type "uptime" and wait 3 minutes for it to return with a load average of 2085.

Now, actual CPU usage is the key. But getting a really solid stack is what FreeBSD excels at.

Re:Nevermind that...

[PatJensen]

Or learn how to tune NFS and use NFS soft mounts....

Re:Nevermind that...

[peterpi]

We had a similar situation on our 4-CPU 100-user Sun. An email the next day explained that one of the CPUs was being hot swapped.

Re:Nevermind that...

[MavEtJu]

Just use the shell-script in my .sig :-)

64-bit version

[yancey]

I wonder if the 64-bit version of FreeBSD would be able to improve upon this, since it can access more memory.

Re:it does NOT fucking "beg the question"

[paulproteus]

if anyone else uses that phrase wrong i'll have to shoot them

It's shoot him, not shoot them! See http://webster.commnet.edu/sensen/part2/thirteen/p ronouns_making.html

Broken link.

[frost22]

The given link for Terry's message seems to be broken.

Take this one [freebsd.org]

what a change,

[drwho]

Well, then, FreeBSD certainly has come a long way since late 2000, when it couldn't handle more than a thousand or so TCP connections: (Security Advisory [bindview.com])

Personally, I would be very interested in seeing how well the machine in this record-setting example handles an attack of the type mentioned in the above referenced article.