problem still there. My Squid still resets every 2 mins or even less
than that. it stops accepting connections and automatically start again.
becoming a pain. following is my squid.conf. I m running Squid
3.0Stable16 on RHEL5 with 2 GB RAM on Pentium D 2.4 GHz. It is totally
random when it starts and stops. Even reboot / restart of squid does not
make any difference. Any help would be appriciated.
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl Folio3_Network src 192.168.4.0/24 # RFC1918 possible internal
network
acl WorkingHours time M T W H F 9:00-19:00
acl BadSites dstdomain "/etc/squid/restricted_sites.list"
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny BadSites WorkingHours
http_access allow Folio3_Network
http_access allow localhost
http_access deny all
icp_access allow Folio3_Network
icp_access deny all
htcp_access allow Folio3_Network
htcp_access deny all
reply_body_max_size 5 MB
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
cache_mem 512 MB
cache_dir aufs /var/spool/squid 10240 16 256
cache_swap_low 90
cache_swap_high 92
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320
shutdown_lifetime 5 seconds
visible_hostname folio3.gateway.102
icp_port 3130
coredump_dir /var/spool/squid
-Asim Ahmed
Asim Ahmed @ Folio3 wrote:
Hi Amos,
Thanks for your quick help. I am using following (I suppose latest
available series) of Squid
Index of /jskala/squid/squid-3.0.STABLE16-1.el5/i386
I've made those ufs/aufs changes & cache_low/high in squid.conf. I'll
let you know about the feedback soon. Also I've removed spaces from
time ACL elements MTWHF ...
-Asim Ahmed
Amos Jeffries wrote:
On Tue, 20 Oct 2009 19:53:02 +0500, "Asim Ahmed @ Folio3"
<aahmed@xxxxxxxxxx> wrote:
-
Hi all,
I have installed Squid 3.0 STABLE on RHEL5. I am using it on
conjunction
3.0STABLE what? there are now around 21 releases in circulation.
with Shorewall 4.4.2.2. I've tested that Shorewall is working fine
on machine. The problem is that SQUID stops responding
intermittently. This
period ranges from minuts / hours / days. Some time it works
absolutely fine and at other times it just dies. Even "tail -f
access.log" does not
show any activity at all. Internet stops working.
Machine is Pentium D 2.0 GHz with 2 GB of RAM. Out of my squid.conf
through *grep -v "^#" /etc/squid/squid.conf | sed -e '/^$/d'* is
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 192.168.4.0/24 # RFC1918 possible internal network
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl BusinessHours time M T W H F 9:00-13:00
acl BusinessHours time M T W H F 14:30-19:00
The above should have no spaces in the day specifier: MTWHF
acl BadSites dstdomain "/etc/squid/restricted_sites.list"
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny BadSites BusinessHours
http_access allow localnet
http_access deny all
icp_access allow localnet
icp_access deny all
htcp_access allow localnet
htcp_access deny all
reply_body_max_size 5 MB
http_port 46095 transparent
include /etc/squid/mediatypes.list
hierarchy_stoplist cgi-bin ?
cache_mem 256 MB
cache_dir ufs /var/spool/squid 16384 16 256
This is probably the cause. UFS file system is extremely slow. Also
with
10GB the default garbage collection settings for 3.0 are too wide.
Squid
can block up while removing 5% of the cached files once an hour.
I recommend setting:
cache_dir aufs /var/spool/squid 16384 16 256
cache_swap_low 90
cache_swap_high 92
Also,,,,
check cache.log for signs of squid dying. Restarting and reloading a
large cache through slow disk IO systems can cause a few dozen seconds
delay in request handling.
please use the latest release available (there are current 'unofficial'
packages for RHEL in the www.squid-cache.org binary downloads pages).
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320
shutdown_lifetime 5 seconds
visible_hostname gateway.folio3.com
icp_port 3130
coredump_dir /var/spool/squid
Any help on where to look for the error and any remedy would be
appriciated.
Amos
--
Regards,
Asim Ahmed Khan
IT Manager,
Folio3 (Pvt.) Ltd. www.folio3.com
Direct: 92-21-4323721-4 Ext 110
Email: aahmed@xxxxxxxxxx
