This post it is target to OBSD user that run Syncthing on it, with a large amount of files.
Unfortunately I don't have images of the problem, but I will try to describe it.
Besides following the port readme-file I also increased kern.maxfiles to 1024000, openfiles-cur and openfiles-max to 102400.
Syncthing configured, nothing fancy, just ssl and user credentials.
pf.conf:
beastie<@>BattleStar-T430 ~
§ doas cat /etc/pf.conf
# $OpenBSD: pf.conf,v 1.55 2017/12/03 20:40:04 sthen Exp $
#
# See pf.conf(5) and /etc/examples/pf.conf
#block return # block stateless traffic
#pass # establish keep-state
# By default, do not permit remote connections to X11
#block return in on ! lo0 proto tcp to port 6000:6010
# Port build user does not need network
#block return out log proto {tcp udp} user _pbuild
ext_if = iwn0
# ----- DEFINITIONS -----
# Reassemble fragments
set reassemble yes
# Return ICMP for dropped packets
set block-policy return
# Enable logging on egress interface
set loginterface egress
set limit table-entries 1000000
set ruleset-optimization basic
# Allow all on Loopback interface
set skip on lo
# Define ICMP message types to let in
icmp_types = "{ 0, 8, 3, 4, 11, 30 }"
table <management> { 192.168.1.176 }
table <networks_sync> { 192.168.0.0/24 192.168.1.0/24 }
# ----- INBOUND RULES -----
# Scrub packets of weirdness
match in all scrub (no-df max-mss 1440)
match out all scrub (no-df max-mss 1440)
# Drop urpf-failed packets, add label uRPF
block in quick log from urpf-failed label uRPF
block quick log from <fail2ban>
# Security enhancements
block in from no-route to any
block in from urpf-failed to any
block in quick on $ext_if from any to 255.255.255.255
antispoof for $ext_if
block log all
# Pass in without restriction or rate limiting whitelsited IPs
pass in quick inet proto tcp from <management> to any
# HTTP
pass in quick on $ext_if inet proto tcp from <management> to $ext_if port { 8384 }
# SyncThing
pass in quick on $ext_if inet proto tcp from <networks_sync> to $ext_if port { 22000 }
pass in quick on $ext_if inet proto udp from <networks_sync> to $ext_if port { 21027 }
# ICMP
pass in quick inet proto icmp icmp-type $icmp_types
pass in quick inet6 proto icmp6
# SSH
pass in quick proto tcp from <management> \
to port { 22 } \
flags S/SA modulate state \
(max-src-conn 5, max-src-conn-rate 5/5, overload <fail2ban> flush global)
# ----- ALL OTHER TRAFFIC TO BE DROPPED -----
#block in quick log on egress all
block quick proto tcp from <fail2ban>
# ----- OUTBOUND TRAFFIC -----
pass out quick on egress proto tcp from any to any modulate state
pass out quick on egress proto udp from any to any keep state
pass out quick on egress proto icmp from any to any keep state
pass out quick on egress proto icmp6 from any to any keep state
(I got this config from this article.)
My Sycthing topology so far is a Latitude5400 running FBSD14.1, a desktop running Void and my Poco phone.
Directories:
- Documents:
- - 5,743 files
- - 661 directories
- - 17.6GiB
- Downloads
- - 230 files
- - 1 directory
- - 411MiB
- Games
- - 4,890 files
- - 1,153 directories
- - 19GiB
- Music
- - 1,508 files
- - 153 directories
- - 7.63GiB
- Pictures
- - 1,242 files
- - 27 directories
- - 475MiB
- Poco
- - 167 files
- - 6 directories
- - 908MiB
- Templates
- - 3,216 files
- - 1,048 directories
- - 12GiB
- Videos
- - 62 files
- - 4 directories
- - 948MiB
All directories are configures to pull the smallest files first.
When I start to sync the folders one by one, I start with Pictures (smallest one) and leave the biggest ones for last. As soon as it starts to sync the Template folder (before the Documents one) Syncthing give me errors messages like this one:
Listen (BEP/tcp): Accepting connection: accept tcp 0.0.0.0:22000: accept4: too many open files
And stop sync everything all together.
I also found this, but I'm not sure what that means.
Does anyone else here had a similar problem?