Questions (Last updated Nov 14, 1997): 1. What is the difference between this FAQ and the SOCKS FAQ? 2. In what mode should I run the socks5 server? 3. How many threads or child processes should I use? 4. What causes the log message "Unresolvable service name: socks"? 5. How do I build and configure socks5? 6. Why does my application disconnect or time-out after 15 minutes? 7. Why doesn't my ftp client work? 8. Why doesn't my Mirabilis ICQ client work? -------------------------------------------------------- 1. What is the difference between this FAQ and the SOCKS FAQ? This FAQ answers questions relating to NEC's implementation of the SOCKS V5 protocol, socks5. Questions that relate to all SOCKS implementations are in the SOCKS FAQ. 2. In what mode should I run the socks5 server? The Windows NT socks5 server only runs threaded. The UNIX socks5 server can start in one-shot and non-forking modes, from inetd, forking, preforking, or threaded modes. One-shot mode, with the --oneshot option, and non-forking modes, with the --nofork option are most useful for debugging. Use inetd mode, with the --inetd option, when starting the socks5 server through inetd. For performance reasons, NEC does not recommend this mode. When you omit command line options, the socks5 server starts in forking mode and spawns a child process for each connection request it receives. Since forking uses system resources, forking mode does not perform as efficiently as preforking and threaded modes. Preforking mode, with the --prefork option, spawns child processes when the socks5 server initializes. Since the child processes already exist when the server receives a connection request, it increases system performance. For most systems, preforking mode is the socks5 preferred mode. Specify the number of child processes with the --nchildren option. When you omit that option, socks5 spawns 64 child processes. Operating systems with POSIX thread support can run the socks5 server in threaded mode, with the --threaded option when you include the --with-threads configure option when compiling socks5. Refer to the README file for configuration instructions. In threaded mode, socks5 handles each connection with a separate thread. Threaded mode is the fastest, most effecient mode for the socks5 server. 3. How many threads or child processes should I use? The answer depends on the system resources and expected use. The number of threads are not configurable. The default and recommended number of child processes is 64. On a UNIX socks5 server with limited resources, you might want to lower the number of child processes in preforking mode because each unused child process uses resources. Other modes use and release system resources as necessary. 4. What causes the log message "Unresolvable service name: socks"? The socks5 server calls getservbyname to determine if /etc/services contains an entry for socks. The socks5 server issues this message when getservbyname fails to return an entry. When there is no entry and you omit the --with-default-port configure option, the socks5 server uses port 1080. 5. How do I build and configure socks5? Refer to these documents for instructions to compile and install: o the README file included in the distribution o the INSTALL file included in the distribution o http://www.socks.nec.com/v5install.html o http://www.socks.nec.com/howto.html For configuration information refer to: o the examples subdirectory in the distribution o http://www.socks.nec.com/v5examples.html o the socks5 man pages 6. Why does my application disconnect or time-out after 15 minutes? The socks5 server disconnects a session when connection idle time exceeds INACTIVITY_TIMEOUT seconds. The default value for INACTIVITY_TIMEOUT is set to 15 minutes in the source file server/flow.c. To lengthen the timeout period, set INACTIVITY_TIMEOUT to a larger value, and recompile. You can set INACTIVITY_TIMEOUT to a maximum of 2 hours. 7. Why doesn't my ftp client work? Two of the most common problems are configuration related. If your permit line has permit - c - - - - the ftp client fails because the client requires "bind" unless it uses PASV mode. If your permit line has permit - - - - - ftp the ftp client fails because ftp-data (port 20) is also required for ftp applications. See the socks5.conf man page for more information. 8. Why doesn't my Mirabilis ICQ client work? Your ISP or network administrator knows the SOCKS V5 server to use (if you have one). Installing a SOCKS V5 server on your local machine will not help. Some ISPs do not allow UDP traffic. Where UDP traffic is blocked ICQ will not work. Although the ICQ setup asks for a SOCKS V5 server, we have not heard of anyone using ICQ and SOCKS V5 sucessfully. -------------------------------------------------------- Send Comments To: * socks5-comments@socks.nec.com