Hello all!
I have a strange problem with squid. I use squid not for caching, but for
control with squidGuard, manage two links using tcp_outgoing_address and
control traffic with delay_pool.
Because of a known bug in 2.6 versions I couldn’t use the delay pool since I
use reconfigure from time to time and in 3.0 it’s working fine, but every
time I use reconfigure the “Total memory in arena” increases 300k aprox
(also noted using top and ps), in a few hours the memory is all used up and
it stars to use swap. I have servers using 3.0STABLE1, stable5 and stable8
and it happens in all of them.
The main reason for using the squid -k reconfigure is that I have users
logging in and out all day long (and night sometimes) and I need reload the
squidguard. I’ve read in this list that I can use just squid –k rotate, but
sometimes I need to reconfigure because of changes in the internet address
(for tcp_outgoing_address) or rules for delay_pool.
My question is why the memory increases in every reconfigure? I’ve already
disables delay_pools, tcp_outgoing_address, squidguard and any created acls
and the problem persists.
Below is my squid.conf and spec of one of my server. Any help is
appreciate.
Thanks,
Leandro
CPU model name: Intel(R) Pentium(R) 4 CPU 3.00GHz (some servers with Dual
Core)
Memory: 1GB (some servers with 2GB)
Kernel: 2.6.25 (som with 2.6.23)
Linux: Mandriva 2008.0
[root_at_localhost ~]# squidclient mgr:info | grep 'in arena'
Total space in arena: 122608 KB
[root_at_localhost ~]# squid –k reconfigure
[root_at_localhost ~]# squidclient mgr:info | grep 'in arena';date
Total space in arena: 123004 KB
Squid.conf:
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow all
http_reply_access allow all
icp_access allow all
htcp_access allow all
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
cache_dir null /dev/null
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
pid_filename /var/run/squid.pid
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
cache_effective_user squid
cache_effective_group squid
visible_hostname 10.125.123.1
icp_port 0
htcp_port 0
no_cache deny all
dns_nameservers 127.0.0.1
hosts_file none
coredump_dir /var/cache
squid –v:
Squid Cache: Version 3.0.STABLE8
configure options: '--target' 'i586-mandriva-linux-gnu' '--program-prefix='
'--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/sbin'
'--sbindir=/usr/sbin' '--sysconfdir=/etc/squid' '--datadir=/usr/share'
'--includedir=/usr/include' '--libdir=/usr/lib'
'--libexecdir=/usr/lib/squid' '--localstatedir=/var'
'--sharedstatedir=/usr/com' '--mandir=/usr/share/man'
'--infodir=/usr/share/info' '--x-includes=/usr/X11R6/include'
'--x-libraries=/usr/X11R6/lib' '--enable-icap-support' '--enable-poll'
'--enable-snmp' '--enable-removal-policies=heap,lru'
'--enable-storeio=aufs,coss,diskd,ufs,null' '--enable-useragent-log'
'--enable-referer-log' '--enable-cachemgr-hostname=localhost'
'--enable-truncate' '--enable-underscores' '--enable-carp'
'--enable-async-io' '--enable-htcp' '--enable-delay-pools'
'--enable-linux-netfilter' '--enable-ssl' '--enable-arp-acl'
'--enable-auth=basic,digest,ntlm'
'--enable-basic-auth-helpers=multi-domain-NTLM,getpwnam,YP,SMB,PAM,NCSA,MSNT
,LDAP' '--enable-ntlm-auth-helpers=SMB,fakeauth,no_check'
'--enable-digest-auth-helpers=password'
'--enable-external-acl-helpers=ip_user,ldap_group,unix_group,wbinfo_group'
'--disable-follow-x-forwarded-for' '--with-pthreads'
'--disable-dependency-tracking' '--disable-ident-lookups'
'target_alias=i586-mandriva-linux-gnu'
Received on Tue Jul 22 2008 - 14:59:06 MDT
This archive was generated by hypermail 2.2.0 : Tue Jul 22 2008 - 12:00:04 MDT