Hello all,
can anybody help me with this squid problem?
Settings:
I have two instances of squid running each on a different machine.
squid-1 is running as a transparent proxy on machine-1, which is the
default gateway of the company I work in.
squid-1 forwards all the requests over the internet to its parent
squid-2 on machine-2 (outside the company).
configuration:
I'm running squid-2.4.stable2 on redhat 6.2(kernel 2.2.14-5.0)
squid is configured with: "configure --enable-underscores", not using
htcp nor icmp
configuration of squid-1(transparent proxy):
http_port 8080
cache_peer 202.202.202.202 parent 8080 3130 no-query default
no-digest no-netdb-exchange
http_access allow all
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host on
httpd_accel_uses_host_header on
never_direct allow all
configuration of squid-2(parent proxy):
http_port 8080
http_access allow all
I have a module that logs the # of connections and # of bytes
transmitted between the two proxies.
Problem:
Every thing works fine, even under heavy load.
But after sometime, suddenly, squid-2 stopped sending any data, and the
number of connections between the two proxies increases significantly.
Of course clients were not able to browse in this time. When I opened a
browser from a machine outside our network and specified squid-2 as its
proxy, I still got no response. After sometime, the number of
connections started to decrease, while squid-2 was still not responding.
when the number of connections reached 0 (after maybe half an hour),
every thing went back to normal and the two proxies were functioning
properly again. This problem occurs randomly.
I removed never_direct from the configuration, as shown below, but I
still have the same problem:
configuration of squid-1(transparent proxy):
http_port 8080
cache_peer 202.202.202.202 parent 8080 3130 no-query default
no-digest no-netdb-exchange
http_access allow all
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host off
httpd_accel_uses_host_header on
configuration of squid-2(parent proxy):
http_port 8080
http_access allow all
I would be very appreciative if anyone helps me to find the root of this
problem. Is this a known bug with this setup? Also, in the second
scenario, Why doesn't squid-1 manage to get the data directly when it
finds a problem with squid-2? Would enabling htcp or icmp be helpful?
Best regards,
--Tarek
Received on Mon Oct 01 2001 - 07:13:54 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:34 MST