[squid-users] 100% CPU Load problem with squid 3.3.8

From: Mohsen Dehghani <mdehghani_at_hamyar.net>
Date: Tue, 10 Sep 2013 13:04:16 +0430

I have compiled and installed squid 3.3.8.
I have about 160Mbps bandwidth and about 18000 http request per minute.
The problem is that as soon as I redirect traffic to squid, its cpu usage
reaches 100% and it hangs and even "squidclient" will not work.

What is weird is that when I remove traffic from squid, CPU usage does not
go down immediately, but with a delay of about 2 or 3 minutes!
While in version 3.1.19(which previously I was using), as soon as I remove
traffic from squid, its cpu usage goes down. By the way in 3.1.19, CPU usage
never exceeded 30%.

When I debug , I see some lines saying: WARNING! Your cache is running out
of filedescriptors

I don't know this is the cause or not. But I've already compiled squid with
65536 filedescriptors

I have disabled disk swap for testing, but the problem yet exists.

Any help is appreciated

I have attached my compile options and config

_______________________________________

#squid -v
Squid Cache: Version 3.3.8
configure options: '--prefix=/usr/local/squid' '--build=x86_64-linux-gnu'
'--enable-storeio=ufs,aufs,diskd' '--enable-follow-x-forwarded-for'
'--with-filedescriptors=65536' '--with-large-files'
'--with-default-user=proxy' '--enable-linux-netfilter'
'build_alias=x86_64-linux-gnu' --enable-ltdl-convenience

###config:####
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

shutdown_lifetime 3 second
wccp2_router 172.22.122.254
wccp_version 2
wccp2_rebuild_wait on
wccp2_forwarding_method 2
wccp2_return_method 2
wccp2_assignment_method 2
# wccp2_service standard 0
wccp2_service dynamic 80
wccp2_service dynamic 90
wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80
wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source
priority=240 ports=80

http_port 3129 tproxy
qos_flows local-hit=0x18
cache_mem 2000 MB
maximum_object_size_in_memory 10 MB

access_log none

snmp_port 3401
acl snmppublic snmp_community golabi
snmp_access allow snmppublic trusted
http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost

http_access deny all

http_port 3128

coredump_dir /usr/local/squid/var/cache/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
Received on Tue Sep 10 2013 - 08:34:42 MDT

This archive was generated by hypermail 2.2.0 : Tue Sep 10 2013 - 12:00:04 MDT