Re: [squid-users] RE: Squid Restarting Issue

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 04 Aug 2011 00:32:43 +1200

On 04/08/11 00:08, Justin Lawler wrote:
> Hey, no patches have been done to squid. We're using that version.

Then I would like to point you at some very important patches you should
use at minimum: http://www.squid-cache.org/Advisories/

>
> Unfortunately doesn't seem to be any core dumps for that date lying
> around. Seems like its not configured correctly to do core dumps -
> changing that now.
>
> Note - we have 6 instances of squid handling heavy load under a load
> balancer. This has only happened once on one instance in the last
> couple of months that I'm aware of - only on the project for a few
> months - so it's unlikely to happen again anytime soon to get a new
> core dump.
>
> Note - this happened 21 times in a row on only one instance of squid
> - so it's unlikely that a specific URL came through to cause it - we
> haven't seen any URLs that weren't in all 6 instances of squid. I'm

Could still have been targeted. The crash would prevented logging.
Though that is a rarity. If it happens again the core should tell.

Though I'm thinking most likely it was some form of memory fault came
and went.

> wondering why did it not continue to happen? Is there any kind of
> further resilience in squid that would stop the restarts from
> continuing on? I'm just very concerned that in the future this may
> happen continuously?

We do have a command line option (-N) for running Squid under external
process managers instead of a standalone daemon.

Continuous 100% uptime is the process masters goal. If you really would
like a configuration option to limit the uptime restarts please file a
features request in bugs.squid-cache.org. Or feel free to submit a patch
to squid-dev for review.

>
> Is there any routine maintenance we could suggest for our client that
> would mitigate this happening again, like restarts of the server
> every few weeks? Manually clearing the cache/etc?

Only using a more recent version on the rare off-chance that it was
someone testing a vulnerability. At minimum the latest release of the
3.0 series (3.0.STABLE25).

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.14
   Beta testers wanted for 3.2.0.10
Received on Wed Aug 03 2011 - 12:32:54 MDT

This archive was generated by hypermail 2.2.0 : Wed Aug 03 2011 - 12:00:02 MDT