Help me, I am in trouble.
I work in a pubblic organization.
We have a LAN and an internet connection.
The LAN is not connected to internet.
The client use a proxy to connect to internet.
I have proposed to install squid in a linux machine.
So I have installed squid on a Pentium II 400Mhz with 512Mb ram and a 10Gb of
IDE hard disk.
The linux distribution is debian with kernel 2.420 and the squid version is
2.4 stable 6.
I use ext3 filesystem.
I set the cache_mem to 128Mb and the cache to 6Gb.
All the clients they contact the proxy server to connect to internet.
The clients are about 500, all windows machines.
The squid proxy server is connected to a firewall/gateway that is connected to
internet.
The schema is like the figure attached.
The proxy is 192.168.4.7, the firewall/gateway is 192.168.4.9.
The squid perfornaces are very bad.
I have a lot of errors like this:
Mar 14 13:13:34 proxy1 squid[390]: idnsCheckQueue: ID 2905: giving up after 31
tries and 308.3 seconds
Mar 14 13:13:34 proxy1 squid[390]: idnsCheckQueue: ID 2906: giving up after 31
tries and 308.3 seconds
Mar 14 13:13:34 proxy1 squid[390]: idnsCheckQueue: ID 2907: giving up after 31
tries and 308.3 seconds
Mar 14 13:13:34 proxy1 squid[390]: idnsCheckQueue: ID 2908: giving up after 31
tries and 308.3 seconds
May be is a dns problem.
But if I connect to internet directly, using the firewall/gateway without
squid I go without any problem, why?
I put the primary and secondary dns in /etc/resolv.conf.
The dns are 151.99.125.2 and 151.99.250.2.
The net configuration of the proxy server is:
auto lo
iface lo inet loopback
# The first network card - this entry was created during the Debian
installation
# (network, broadcast and gateway are optional)
# automatically added when upgrading
auto eth0
iface eth0 inet static
address 192.168.4.7
netmask 255.255.254.0
network 192.168.4.0
broadcast 192.168.5.255
gateway 192.168.4.9
up route add -net 192.168.0.0 netmask 255.255.0.0 gw 192.168.5.254 eth0
from the file /etc/network/interfaces.
Also, I use squidGuard as a redirector.
SquidGuard authorize the clients listed in a text file to connect to the
proxy.
So, what's the problem?
I need more cpu?
I need more ram?
I need to reconfigure the LAN?
Help me please.
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:25 MST