According to i2pd's online documentation [1], the maximum number of open file descriptors is 4096 for a regular node, and 8192 for a floodfill [2].

I have never measured how many FDs i2pd is really using, but this software for sure needs a lot of them.

So I guess we can set 4096 as default value, and inform users in the README file that this value should be raised to 8192 for floodfills.

Apart from that, Klemens' idea of moving the login class definition to /etc/login.conf.d/i2pd seems right to me. In fact, I'm doing just that in an ansible role I maintain [3] - and never thought of achieving that at the port level. I tried the patch and it applies cleanly.

[1] https://i2pd.readthedocs.io/en/latest/user-guide/FAQ/#help-i2pd-is-not-working-what-do-i-do

[2] A floodfill is a special type of router (i2pd instance) which builds a lot of tunnels to distribute the I2P network database: https://geti2p.net/en/docs/how/network-database

[3] https://codeberg.org/systemfailure.net/ansible_i2pd
 


On 2024/01/25 08:05, Stuart Henderson wrote:
> 

> On 2024/01/24 23:06, Klemens Nanni wrote:
> > Manual instructions are from 2020, we gained /etc/login.d/* support
> > in 2022, so automate it.
> 

> Comsidering that the default kern.maxfiles limit on amd64 is 7030,
> bumping maxfiles in login.conf to 8192 without making the sysctl
> change means that i2pd can consume all FDs in the system.
> 

> I think it would be better for the login.conf.d file to stick something
> lower if possible. 8192 seems a bit excessive. Is there someone using
> this software who can confirm how many FDs it *really* is likely to use?
> 

> If it really needs this many, perhaps it's better not to automate either
> setting, at least then users who bump into the limits will only have
> problems with i2pd not the rest of the system.
> 

> > diff -u -p -r1.3 README
> > --- pkg/README	8 Nov 2022 12:41:42 -0000	1.3
> > +++ pkg/README	24 Jan 2024 22:24:29 -0000
> > @@ -5,20 +5,7 @@
> >  Resource Limits: File Descriptors
> >  =================================
> >  

> > -By default, the i2pd process runs in the login(1) class of "daemon".
> > -The default limits on file descriptors are insufficient to run i2pd; instead you
> > -should put the _i2pd user and process in their own login(1) class with tuned
> > -resources.
> > -You should also raise the system-wide maxfiles limit.
> > -
> > -1. Configure i2pd login class in the login.conf(5) file:
> > -
> > -        i2pd:\
> > -                :openfiles-cur=8192:\
> > -                :openfiles-max=8192:\
> > -                :tc=daemon:
> > -
> > -2. Adjust kern.maxfiles, if needed:
> > +You should raise the system-wide maxfiles limit:
> >  

> >  	# sysctl kern.maxfiles=16000
> >  	# echo "kern.maxfiles=16000" >> /etc/sysctl.conf
> > Index: pkg/i2pd.login
> > ===================================================================
> > RCS file: pkg/i2pd.login
> > diff -N pkg/i2pd.login
> > --- /dev/null	1 Jan 1970 00:00:00 -0000
> > +++ pkg/i2pd.login	24 Jan 2024 22:23:46 -0000
> > @@ -0,0 +1,4 @@
> > +i2pd:\
> > +	:openfiles-cur=8192:\
> > +	:openfiles-max=8192:\
> > +	:tc=daemon:
> >