Hello,
I'm working on setting up Squid as proxy + cache on Linux (OpenSuSE
10.3) to serve
around 300 concurrent connections. The proxy was working well for a
few hours (or less),
and then it started showing "TCP connection to xxx.xxx.xxx.xxx/8080
failed" messages
in cache.log file.
There is another Squid proxy which has been running on AIX platform
using the same
upstream proxy server as Linux does, but it never got the TCP
connection failed mesg.
Both proxy are running the same version of squid, squid-2.6-STABLE18.
I have been
searching and found many people have this problem but there is no
solid solution to
resolve the problem.
I've tried to recompile Squid with different of options, plus tuning
the kernel, but still
got the message.
Does anyone how to fix this?
Appreciate for all comments. Feel free to let me know if you need any more info.
Thank you.
Phil
Hardware
Dual Intel Xeon MP CPU 3.00GHz (32-bit)
Disks SCSI 10k rpm
Mirrored disks for OS
3 x 15GB JBOD Cache dirs (ReiserFS with noatime,notail)
Server/OS specification
OpenSUSE 10.3 32-bit
Linux 2.6.22.5-31-default #1 SMP 2007/09/21 22:29:00 UTC i686
Kernel/TCP Stack tuning
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.ip_forward=0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.accept_redirects = 0
kernel.sysrq = 0
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 400
net.ipv4.tcp_sack = 0
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 3
net.ipv4.conf.all.log_martians = 1
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.ip_local_port_range = 2048 65535
net.ipv4.tcp_rfc1337 = 1
net.ipv4.tcp_window_scaling = 1
net.core.optmem_max = 20480
net.core.somaxconn = 512
fs.inotify.max_user_watches = 65536
kernel.msgmni = 2048
fs.file-max = 334591
kernel.sem = 500 1024000 64 2048
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.core.wmem_max = 16777216
net.core.rmem_max = 16777216
net.core.netdev_max_backlog = 2500
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
Squid compile options (note: tried both below CFLAGS and without CFLAGS)
CFLAGS="-march=native \
-O2 \
-pipe \
-fomit-frame-pointer" \
./configure --prefix=/usr/local/squid \
--enable-async-io \
--enable-snmp \
'--enable-storeio=diskd aufs' \
'--enable-removal-policies=heap lru' \
--with-maxfd=32768 \
--enable-epoll \
--disable-ident-lookups \
--enable-large-cache-files \
--disable-carp \
--disable-wccp \
--enable-underscores \
'--enable-auth=basic ntlm' \
--enable-basic-auth-helpers=LDAP \
--enable-ntlm-auth-helpers=SMB \
--enable-external-acl-helpers=ldap_group \
--with-pthreads \
--enable-cachemgr-hostname=www-proxy3 \
--disable-poll \
--disable-select \
--with-large-files \
--with-aufs-threads=32 \
--enable-gnuregex \
--enable-err-languages=English
Received on Wed Apr 30 2008 - 06:11:09 MDT
This archive was generated by hypermail 2.2.0 : Thu May 01 2008 - 12:00:04 MDT