Re: RES: [squid-users] Squid box dropping connections

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 18 Nov 2011 23:49:02 +1300

On 19/11/2011 12:21 a.m., Nataniel Klug wrote:
> Hi Eliezer,
>
> Thanks for your answer:
>
>> well this is one of the big problems of the conntrack thingy..
>> what you can try is also to change the tcp to:
>> sysctl net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=3600
>> cause it might be causing the problem of such a huge amount of connection
>> tracking size.
>> the basic size is 120 minutes which can cause a lot of troubles in many
>> cases of open connections.
>> and by the way.. do you really have 155K connections? it seems like too
>> much.
>>
>> hope to hear more about the situation.
>>
>> Regards Eliezer
>
> [Nataniel Klug] So Eliezer, I don't think I have 155k connections. Most of
> them are FIN_WAIT1 (about 35~45k). I have 1000 pppoe clients behind this
> squid box so even if each of them had 50 connections, I would have 50k. I
> think closing really fast can solve the problem. I set it to close on 5
> minutes and I will make a try right now.

Some assumption in there needs a double-check. Modern websites can use
50 (or more) connections to load any given page. Clients are not
uncommonly having several such pages browsing at once in tabbed browser
agents. And Squid uses 2x sockets per client connection.

So, while 150K for 1K clients does seem unusual normally, it is within
the upper limits they *could* be using if they happened to all be
browsing at the same time. I would expect to see some correspondingly
high request rate in the Squid stats though.

Amos
Received on Fri Nov 18 2011 - 10:49:16 MST
