26. Inetd, The "Super" Server
Introduction to FreeBSD

As we discovered earlier, a FreeBSD system can run many programs simultaneously - such is the case for a FreeBSD network server; it will run a program for each service you wish to provide. The problem is, each service eats up a chunk of memory - and memory is always in demand (not to mention expensive!). The solution is to only start a service when it has a pending request, and to terminate it when a reply is sent to the client making the request. So how does a service know when to wake up?

That's where inetd comes in. It's called the Internet ``super-server'' since it controls many of the Internet services available on a typical Unix host. inetd monitors the port numbers of all requests that come to a server. When a request comes in, inetd looks in /etc/services for the name of the service. As we can see below, the services file is a simple mapping of port numbers to service names:

Next, after inetd has the name of the service to start, it looks in its configuration file, /etc/inetd.conf to get setup information. The config file looks like this:

The general format of the file is as follows:

  • service name

  • socket type

  • protocol

  • {wait|nowait}[/max-child]

  • user

  • server program

  • server program arguments

Let's take a closer look at one of the lines and see what this all means.

telnet stream tcp nowait root /usr/libexec/telnetd telnetd

The first field, telnet, is the name of the service. This name must match exactly the name found in /etc/services. The second and third fields, stream tcp, describes the kind of connection the service will make. In this case, tcp will handle the packet ordering so that the downloaded information appears to be a steady stream of error-free data. The only other option for this field, dgram udp, specifies that UDP, not TCP, will handle the packet ordering (the so called ``unreliable'' datagram form of TCP/IP).

The fourth field, nowait tells the service to spawn itself for each service request that comes to the server - even if one instance of the program is already running. The other option, wait says to run the programs sequentially, waiting for the first program to finish before staring up another instance.

The fifth field, root, specifies the user ID used to run the service. The majority of programs started from inetd run as the user ``root'' or ``nobody'' The remaining fields tell inetd where to find the program, and any arguments that are required (in the case of telnet, no arguments are present).

Sidebar:

The disadvantage of running programs through inetd is that it isn't too efficient for services that are constantly being run, perhaps once a second, or even hundreds of times per second. Why is that you ask? Well, although running a program through inetd generally reduces the amount of memory used, it introduces a penalty in that it must ``fork'' the program each time a request comes in. ``fork'' simply means that inetd starts a new process for the service. We won't get into the technical details of the overhead required to fork a process. Let's just say that there is an overhead, and under a busy system is enough to cause a considerable slow down. For this reason, some services are run as ``daemons'' instead of through inetd. How you decide to run a service depends entirely on what you feel is important. If performance is critical, run the program as a daemon. If you want to reduce memory usage, run the program through the inetd super-server. Typically, FTP, finger, talk, POP3, and telnetd are run through the inetd server, but things such as web servers and the mail delivery server (sendmail, usually) are run as daemons. Web servers like the NCSA and Apache servers even go through the trouble of ``pre-forking'' several copies of themselves to eliminate the overhead of forking under large numbers of requests! If you install a new service, the documentation that comes with the program will generally give tips on which approach is best for that particular application.

Return to Table of Contents

Visit the Gifcom