Linux file handle limits the network

In this blog post, one can find out how to fine tune maximum network connections available for Green Screens Terminal Server running on the Linux based OS.

Operating systems uses file handles to an opened OS resource. The name "file handle" is a little misleading, as file handle is not only a pointer to a file on the drive, but it can also be a pointer to a network connection or something else. By default, file handles per process are limited usually to 1024 which might be a problem for a web server if there are many parallel user connections.

Greens Screens Terminal server is not an exception. For each web 5250 instance, there will be at least 2 additional connections. And if a printer session is used along 5250, additional 2 connections are opened. On top of that, every user usually has 2-3 active terminal sessions, which counts to a minimum 6-9 network file descriptors in use. Adding a printer session, file descriptors increase by 2 per printer session, which leads to 8-11 file descriptors in use.

What is the meaning of all those numbers?

Let's say there are 1000 workstations, each workstation will open two 5250 terminals and one printer session. We can estimate (2*session) +1 = 7 file descriptors; also, take additional 3 for reserve. So, for 1000 workstations there will be an estimated requirement of 10,000 file descriptors for a Green Screens Server (which process is default limited by OS to 1024 file descriptors only).

To solve the problem, we can run multiple Green Screen Server instances, which in our case would be 10. This is quite unpractical and complicate maintenance and setup. The easier approach is to simply increase an OS file descriptor limit.

Changing OS file descriptor limit

Linux has a command ulimit which allows viewing various resource limitations setup including file descriptor.

To verify what is your OS file descriptor limit, simply type the following in command line

ulimit -n

The limit can be changed dynamically from a bash script...

ulimit -n 10000

However, this might be a problem, as there are "soft" and "hard" limit. Hard limit is an OS level defined maximum, while soft limit is a limit the non-root process can change to a maximum of hard limit.

So, we need to change hard limit first before using soft limit. Use the following command...

sudo su
ulimit -H -n 10000

...this will increase the maximum limit soft limit can be set to. After that, a bash script running as a Green Screen Server user can set "ulimit -n 10000" on its startup script.

Another approach is to change ulimit config file to required values that will be kept even after server restart.  Simply open /etc/security/limits.conf file as root and at the end of the file add the following.

* soft nofile 10000
* hard nofile 10000

With this change, there is no need for using ulimit command within bash script.

Final word

Remember, when there are connections issues with Green Screens Server running on Linux environment, except firewall, or active network monitoring and threat prevention tools or hardware, which might be creating the issues, OS file descriptor limitation settings also might be the reason.

Other network settings ideas can be found here.