Search squid archive

RE: Squid box dropping connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



>                 I am running CentOS v5.1 with Squid-2.6 STABLE22 and Tproxy
> (cttproxy-2.6.18-2.0.6). My kernel is kernel-2.6.18-92. This is the most
> reliable setup I ever made running Squid. My problem is that I am having
> serious connections troubles when running squid over 155000 conntrack
> connections.
> 
>                 From my clients I start losing packets to router when the
> connections go over 155000. My kernel is prepared to run over 260k
> connections. 
...
> $SYS net.ipv4.netfilter.ip_conntrack_max=262144
> 
 
Just because you have conntract max at 260K does not mean that you can handle 260K connections.
 
You will need to increase hashsize as well:
 
echo 262144 > /sys/module/ip_conntrack/parameters/hashsize
 
I would be checking kernel logs for "conntrack overflows" and cache log for "commBind" errors. You might need to increase ephemeral port ranges to 64K (don't know if this would apply to tproxy though).
 
Jenny
 
 
PS: I am not responsible if this blows up your datacenter. It works for me when i am doing 500-600 reqs/sec with CONNECTs on forward proxy. 		 	   		  


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux