connect-to-listener problem in 5.4-Jail with 2.0.54 [Was: Re:
Massive 2.0.53 errors on 5.4-PRE]
Harald Schmalzbauer
harry at schmalzbauer.de
Wed May 25 06:13:40 GMT 2005
Am Dienstag, 17. Mai 2005 17:53 schrieb Harald Schmalzbauer:
> Am Montag, 4. April 2005 22:18 schrieb Emanuel Strobl:
> > Am Montag, 4. April 2005 21:38 schrieb Clement Laforet:
> > > On Mon, Apr 04, 2005 at 07:16:36PM +0200, Emanuel Strobl wrote:
> > > > Am Sonntag, 3. April 2005 23:50 schrieb Clement Laforet:
> > > > > On Sun, Apr 03, 2005 at 09:24:59PM +0200, Emanuel Strobl wrote:
> > > > > > I see the following line in the error log every second!
> > > > > > [Sun Apr 03 21:07:15 2005] [warn] (61)Connection refused:
> > > > > > connect to listener
> >
> > [...]
> >
> > > Thanks, I presume pf and altq are running on this machine.
> > > How many request per second do you have?
> >
> > Well, the error gets logged every second without any request! But if
> > you're interested in general load, this machine will stay quiet idle,
> > at least regarding http reverse-proxy requests. I never checked, it
> > belongs to a friend with a small company, I'd guess about 1k
> > requests/_day_. And you're right, pf is running, but not at high load,
> > only two 3MB/s lines are to feed, mainly with some reply-to rules.
> >
> > > > I'm absolutely no apache guru and like i said, this is a
> > > > productive machine, so I don't know where to start finding out the
> > > > meaning of the error.
> > >
> > > From source, httpd-2.0.53/server/mpm_common.c ;-)
> >
> > ;)
> >
> > > Does sysctl oid net.inet.ip.intr_queue_drops increase when these
> > > warnings occur? if yes:
> > > - increase net.inet.ip.intr_queue_maxlen to see if it solve the
> > > problem or limit the rate of error.
> > > - does apache compiled with WITH_KQUEUE_SUPPORT fix the problem?
> > >
> > > OTOH, it can come from you sslmutex configuration which may prevent
> > > apache to work correctly in a jail.
> >
> > Hmm, while trying to regenerate the problem to check the sysctl oid
> > you mentioned (which I never noticed before, and alwas is 0 here) I
> > can't reproduce the error after I altered the $/etc/apache2/ssl.conf
> > (but I could see it before, so it was reproducable today!). I changed
> > the errorlog from httpd-error to httpdssh-error (after I had reenabled
> > the "LoadModule ssl_module" line inside the ifdefined in httpd.con)
> > and the error logging stopped. After rediting ssl.conf (to httpd-error
> > again instead of httpdssh-error) the error doesn't occur any more !?!
>
> Hello, the error is still bugging me, very regularly every two weeks the
> log is full and the proxy doesn't respond. Extremely annoying.
> Right now, after a apachectl restart, it's logging one per second but
> net.inet.ip.intr_queue_drops is 0. After I killed apache and restarted
> it no errors occur, but I'm sure it'll start again in two weeks and
> fills the errorlog until it doesn't work anymore.
>
> I'll recompile apache with WITH_KQUEUE_SUPPORT and give some feedback.
> Has anyone else had luck to observe this problem in the meantime?
This time httpd-error gets flooded with these lines, one every second:
[Wed May 25 08:09:37 2005] [warn] (61)Connection refused: connect to
listener on 0.0.0.0:80
[Wed May 25 08:09:38 2005] [warn] (61)Connection refused: connect to
listener on 0.0.0.0:80
The difference is that now an address is shown, 0.0.0.0. Whatever this
sould mean.
-Harry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-apache/attachments/20050525/8a85afde/attachment.bin
More information about the freebsd-apache
mailing list