[squid-users] squid_ldap_auth - Thousands of Requests

From: Paul <news_at_pointdee.co.uk>
Date: Wed, 09 Mar 2011 11:04:07 +0000

In the last 24 hours I've started seeing thousands of requests to my
LDAP server being sent by the squid_ldap_auth helper. In my cache.log
I'm seeing hundreds of "squid_ldap_auth: WARNING, LDAP search error
'Can't contact LDAP server'" entries, interspersed with "2011/03/09
10:49:29| commBind: Cannot bind socket FD 76 to *:0: (98) Address
already in use". The CPU usage on my LDAP sever is extremely high and
this is obviously causing problem for my users

tcpdump shows the requests going to the LDAP server have no "user"
information i.e cn..none.*..groupMembership..cn=InternetAccess,o=org and
that for each request to LDAP there is NO corresponding request to
Squid. It's as if a process on one of my internal machines is sending a
request in such a way that the squid_ldap_auth helper is getting stuck
yet I can't see this in the tcpdump trace either.

Reloading or restarting Squid relieves the problem for a short while but
it soon reoccurs

I'm using Squid 2.7Stable6-6.1 on openSuSE_11.3 64 bit with all modules
up to date from the official SuSE repos. Squid is a forward proxy only
and there is nothing suspicious coming from the Internet at large

Please help in tracking down the cause of this problem

Thanks

Paul
Received on Wed Mar 09 2011 - 11:04:12 MST

This archive was generated by hypermail 2.2.0 : Thu Mar 10 2011 - 12:00:02 MST