[squid-users] Windows Updates a Caching Stub zone, A windows updates store.

Eliezer Croitoru eliezer at ngtech.co.il
Mon Jul 25 13:06:58 UTC 2016 

Hey Omid,

I will comment inline.
And there are couple details which we need to understand couple issues.

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il


-----Original Message-----
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Omid Kosari
Sent: Monday, July 25, 2016 12:15 PM
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Windows Updates a Caching Stub zone, A windows updates store.

Hi,

Thanks for support .

recently i have seen a problem with version beta 0.2 . when fetcher is working the kernel logs lots of following error
TCP: out of memory -- consider tuning tcp_mem

# To verify the actual status we need the output of:
$ free -m
$ cat /proc/sys/net/ipv4/tcp_mem
$ top -n1 -b
$ cat /proc/net/sockstat
$ cat /proc/sys/net/ipv4/tcp_max_orphans 

I think the problem is about orphaned connections which i mentioned before .
Managed to try new version to see what happens.

# If you have an orphaned connections on the machine with or without the MS updates proxy, you should consider to analyze the machine structure and load in general.
If indeed there are orphan connections we need to verify if it's from the squid or my service or the combination of them together.


Also i have a feature request . Please provide a configuration file for example in /etc/foldername or even beside the binary files to have selective options for both fetcher and logger.

# With what options for the logger and fetcher?

I have seen following change log
beta 0.3 - 19/07/2016
+ Upgraded the fetcher to honour private and no-store cache-control  headers
when fetching objects.

As my point of view the more hits is better and there is no problem to store private and no-store objects if it helps to achieve more hits and bandwidth saving . So it would be fine to have an option in mentioned config file to change it myself .

# I understand your way of looking at things but this is a very wrong way to look at cache and store.
The problem with storing private and no-store responses is very simple.
These files are temporary and exists for one request only(in most cases).
Specifically for MS it is true and they do not use private files more then once.
I do not wish to offend you or anyone by not honoring such a request but since it's a public service this is the definition of it.
If you want to see the options of the fetcher and the service just add the "-h" option to see the available options.

I have considered to use some log file but yet to get to the point which I have a specific format that I want to work with.
I will try to see what can be done with log files and also what should be done to handle log rotation. 

Thanks again


## Resources
* http://blog.tsunanet.net/2011/03/out-of-socket-memory.html

More information about the squid-users mailing list