Every 3 secs in log: kresd hard limit for number of file-descriptors ? any help?

I have continuos entries in my system log after upgrading to 5.2.2:

[…]
Jun 27 18:18:10 turris kresd[23986]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:10 turris kresd[24133]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:11 turris kresd[24133]: [ta_update] refreshing TA for .
Jun 27 18:18:11 turris kresd[24133]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:13 turris hotplug: Reload resolver because of interface address update
Jun 27 18:18:14 turris kresd[24314]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:14 turris kresd[24314]: [ta_update] refreshing TA for .
Jun 27 18:18:14 turris kresd[24314]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:15 turris kresd[24469]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:15 turris kresd[24469]: [ta_update] refreshing TA for .
Jun 27 18:18:15 turris kresd[24469]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:18 turris hotplug: Reload resolver because of interface address update
Jun 27 18:18:18 turris kresd[24650]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:18 turris kresd[24650]: [ta_update] refreshing TA for .
Jun 27 18:18:18 turris kresd[24650]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:19 turris kresd[24798]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:19 turris kresd[24798]: [ta_update] refreshing TA for .
Jun 27 18:18:20 turris kresd[24798]: [ta_update] next refresh for . in 1 hours
Jun 27 18:19:01 turris crond[25008]: (root) CMD (/usr/bin/rainbow_button_sync.sh)
[…]

This one is the cause. The resolver is being restarted all the time due to network getting reconfigured.

EDIT: but I’m not a good person to help with the cause of those reconfigurations.

Thanks. Any idea why the network is getting reconfigured? For what reason?

For information, I tracked down the root cause:

it is based on a prefix change in the ipv6 network wan6 interface. I dont know why this is happening so often, but if is just because of the IFUPDATE_PREFIXES firering for the WAN6 interface.

Maybe disable the hotplug resolver restart for WAN6 prefix changes in the script 40-ip-resolver-reload without $IFUPDATE_PREFIXES for WAN6/ipv6?

Or does anyone know why a prefix update is fired every seconds on ipv6 wan6?

Regards,
Lars

1 Like

I changed the file to ignore resolver reload for wan6 prefix changes. Not sure if this makes sense or if I miss something critical?

#!/bin/sh

source /lib/functions/network.sh

if [ "$ACTION" = "ifupdate" -o "$ACTION" = "ifup" ]; then
	if [ "$IFUPDATE_ADDRESSES" = "1" -o "$IFUPDATE_PREFIXES" = "1" ]; then
		if [[ "$INTERFACE" = "wan6" && "$IFUPDATE_PREFIXES" = "1" ]]; 
		then
			logger -t hotplug "Skipped reload resolver because of wan6/prefix update"
		else
			logger -t hotplug "Reload resolver because of interface address update"
			logger -t hotplug $ACTION " addr=" $IFUPDATE_ADDRESSES " pref=" $IFUPDATE_PREFIXES " - I:" $INTERFACE " - D:" $DEVICE
			/etc/init.d/resolver reload
		fi
	fi
fi

Maybe related to the “Fix Me” comment in the OpenWRT docs?

Turris path/file:
/etc/hotplug.d/iface/40-resolver-reload

Yes, that approach sounds good to me. WAN could be ignored here, as the current code only listens on addresses belonging to lo(calhost) and (br-)lan interfaces anyway.

I have no idea why the prefix might change so often, not even whose mistake it is (ISP, OpenWrt, Turris changes). I had noticed the hotplug docs a bit lacking; makes it hard to confidently write more complex conditions like your suggestion.

thanks. any idea how to make this fix permanent to survive the next update?

i’m also struggling with ipv6 and the hotplug system. i think this is the default design of openwrt to also trigger updates even when only prefered and valid until values on the temporary adresses are changed. i wrote an issue in the turris gitlab:

1 Like