[squid-users] squid and netdata causes squid to drop SYN?

Amish anon.amish at gmail.com
Tue Jan 21 04:28:15 UTC 2020


Hello,

Recently, I started using netdata to monitor various system functions 
(which also monitors squid)

I am using squid (v4.9) with transparent (NAT) as well as Proxy mode (on 
different ports). Network has 10-15 users. Some on transparent proxy 
(redirection to port 3128) and some via proxy setting (port 8080) in 
browser.

Netdata calls squidclient every second to fetch squid statistics. (for 
generating per second graphs / statistics)

After I started using netdata, everything worked fine for a while. But 
then many users started complaining that they are not able to access 
sites. (Sometimes it worked and sometimes not.)

I could see SYN packets coming in but there were no SYN,ACK going back. 
I quickly went through cache.log but did not find anything. (searched 
for descriptors). I believe (but not 100% sure) that this happened only 
with those on transparent proxy. (again not sure)

Then I restarted the squid and all was well. But then issue happened 
again and I disabled netdata's squid module and now all is working fine 
from few days.

So I suspect that netdata calling squidclient every second is not a 
right thing to do. Its probably causing denial-of-service on squid.

So:
1) Is there any squid setting which I can adjust? (File descriptors 
available is 16384)
2) Is calling squidclient so frequently a right thing to do by netdata? 
Its probably over loading squid. (I will report to netdata if not)

Please guide,

Thank you,

Regards,

Amish



More information about the squid-users mailing list