Galène videoconferencing server discussion list archives
 help / color / mirror / Atom feed
* [Galene] Greedy Galene :) -- file descriptors
@ 2025-01-15 13:39 Dirk-Willem van Gulik
  2025-01-15 13:51 ` [Galene] " Juliusz Chroboczek
  0 siblings, 1 reply; 2+ messages in thread
From: Dirk-Willem van Gulik @ 2025-01-15 13:39 UTC (permalink / raw)
  To: galene

Folsk,

Galene needs a relatively large number of file descriptors (and will complain in the log
about the current, 13k, limit*.

I've only once seen it use a large numbers - and that was probably more related to a large number of people coming in via mobile and a wonky telecom-NAT in a country far away.

Now I did notice that galene has a value check for 65k:

	https://github.com/jech/galene/blob/c465157eb5e31405daf3f33b8456e8c89aa51430/galene.go#L110

What is the reason for this ? What is a `normal' number for say up to a 1000 users ?

Dw

*:  e.g I need to add "kern.maxfilesperproc=50000" to /etc/sysctl.conf.local



^ permalink raw reply	[flat|nested] 2+ messages in thread

* [Galene] Re: Greedy Galene :) -- file descriptors
  2025-01-15 13:39 [Galene] Greedy Galene :) -- file descriptors Dirk-Willem van Gulik
@ 2025-01-15 13:51 ` Juliusz Chroboczek
  0 siblings, 0 replies; 2+ messages in thread
From: Juliusz Chroboczek @ 2025-01-15 13:51 UTC (permalink / raw)
  To: Dirk-Willem van Gulik; +Cc: galene

> Galene needs a relatively large number of file descriptors (and will
> complain in the log about the current, 13k, limit*.

Yes, we use a distinct socket for every WebRTC peer connection, plus one
for every WebSocket, and another bunch for NAT probing.  I'm planning to
reduce that at some point, but the functionality will remain optional
unless I can show it doesn't harm performance.

> Now I did notice that galene has a value check for 65k:
> 
> 	https://github.com/jech/galene/blob/c465157eb5e31405daf3f33b8456e8c89aa51430/galene.go#L110
> 
> What is the reason for this ? What is a `normal' number for say up to
> a 1000 users ?n

File descriptors are cheap (they cost a few hundred bytes each, including
the associated i-node).  The 1024 limit is a historical artefact, due to
limitations of the select system call on older BSD systems.

I recommend that you just set the limit to 64k and never think about it
again.  At worst, it will allow an attacker to use up a few tens of kB of
kernel memory.

-- Juliusz

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2025-01-15 13:51 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-01-15 13:39 [Galene] Greedy Galene :) -- file descriptors Dirk-Willem van Gulik
2025-01-15 13:51 ` [Galene] " Juliusz Chroboczek

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox