squid errors in error.log and slow internet from squid

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

squid errors in error.log and slow internet from squid

Hardik Dangar
Hello,

I have been facing few squid issues lately. we are about 40 users mostly linux, some mac and some windows system.

squid has become very slow for some reason. we can check that by bypassing squid and opening same urls. Second thing we are seeing swap mismatch errors and only solution we found is to remove swap file and use squid -z that will make things work for a day. other than that there are other errors in squid log too.

/var/cache/squid directory has became around 80 gb.

Here is our squid version and conf file 

Squid Cache: Version 3.5.23
Service Name: squid
configure options:  '--prefix=/usr' '--localstatedir=/var/squid' '--libexecdir=/lib/squid' '--srcdir=.' '--datadir=/share/squid' '--sysconfdir=/etc/squid' '--with-default-user=proxy' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid' '--with-openssl' '--enable-ssl-crtd' '--enable-inline' '--disable-arch-native' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-follow-x-forwarded-for' '--enable-url-rewrite-helpers=fake' '--enable-ecap' '--enable-arp-acl' '--disable-translation'


Squid.conf file

Squid error log
if you see error log file you can see  Error negotiating SSL errors and  Ignoring malformed cache entry errors frequently.


squid access also have lot of entries like,
1488621158.416   1316 192.168.1.51 TAG_NONE/200 0 CONNECT 35.154.95.34:443 - ORIGINAL_DST/35.154.95.34 -
1488621158.416   1315 192.168.1.51 TAG_NONE/200 0 CONNECT 35.154.95.34:443 - ORIGINAL_DST/35.154.95.34 
which i believe https requests which have certificate issues. this has became growing for mac machines.

Anybody else have similar issues?

We are not sure weather it was the 3.5.23 upgrade or adding Mac systems to our network is causing these issues. but squid has certainly become slow for lots of people to the point we have to bypass them.


Thank you very much for reading through the post. Let me know if you find any issues with our config or anything that can help us figuring out whats the issue.

Have a good day.

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: squid errors in error.log and slow internet from squid

Eliezer Croitoru
Two things:
First change the:
quick_abort_min -1

or remove it since it can do much harm on many cases and is useful only for specific ones.
Also try to remove all the refresh_pattern lines except for the defaults just to make sure they do not cause the server to move slow.
To understand the size of your service please attach the squid manager info page.
Have you checked CPU or memory usage when the service is slow?

using the cache manager can be seen at: http://wiki.squid-cache.org/Features/CacheManager#default
And you can use curl with something like http://mycache.example.com:3128/squid-internal-mgr/info

Eliezer

----
http://ngtech.co.il/lmgtfy/
Linux System Administrator
Mobile: +972-5-28704261
Email: [hidden email]


From: squid-users [mailto:[hidden email]] On Behalf Of Hardik Dangar
Sent: Saturday, March 4, 2017 11:58 AM
To: Squid Users <[hidden email]>
Subject: [squid-users] squid errors in error.log and slow internet from squid

Hello,

I have been facing few squid issues lately. we are about 40 users mostly linux, some mac and some windows system.

squid has become very slow for some reason. we can check that by bypassing squid and opening same urls. Second thing we are seeing swap mismatch errors and only solution we found is to remove swap file and use squid -z that will make things work for a day. other than that there are other errors in squid log too.

/var/cache/squid directory has became around 80 gb.

Here is our squid version and conf file

Squid Cache: Version 3.5.23
Service Name: squid
configure options:  '--prefix=/usr' '--localstatedir=/var/squid' '--libexecdir=/lib/squid' '--srcdir=.' '--datadir=/share/squid' '--sysconfdir=/etc/squid' '--with-default-user=proxy' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid' '--with-openssl' '--enable-ssl-crtd' '--enable-inline' '--disable-arch-native' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-follow-x-forwarded-for' '--enable-url-rewrite-helpers=fake' '--enable-ecap' '--enable-arp-acl' '--disable-translation'


Squid.conf file
https://gist.githubusercontent.com/hardikdangar/44f424e5a0be0a2a12ebc53a25a29629/raw/6e70682601b03732b662094ea7f4e79fb80a3851/squid.conf

Squid error log
http://pastebin.com/raw/J7Ws2WKT
if you see error log file you can see  Error negotiating SSL errors and  Ignoring malformed cache entry errors frequently.


squid access also have lot of entries like,
1488621158.416   1316 192.168.1.51 TAG_NONE/200 0 CONNECT http://35.154.95.34:443 - ORIGINAL_DST/http://35.154.95.34 -
1488621158.416   1315 192.168.1.51 TAG_NONE/200 0 CONNECT http://35.154.95.34:443 - ORIGINAL_DST/http://35.154.95.34 
which i believe https requests which have certificate issues. this has became growing for mac machines.

Anybody else have similar issues?

We are not sure weather it was the 3.5.23 upgrade or adding Mac systems to our network is causing these issues. but squid has certainly become slow for lots of people to the point we have to bypass them.


Thank you very much for reading through the post. Let me know if you find any issues with our config or anything that can help us figuring out whats the issue.

Have a good day.

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Loading...