[squid-users] squid and netdata causes squid to drop SYN?
anon.amish at gmail.com
Tue Jan 21 04:28:15 UTC 2020
Recently, I started using netdata to monitor various system functions
(which also monitors squid)
I am using squid (v4.9) with transparent (NAT) as well as Proxy mode (on
different ports). Network has 10-15 users. Some on transparent proxy
(redirection to port 3128) and some via proxy setting (port 8080) in
Netdata calls squidclient every second to fetch squid statistics. (for
generating per second graphs / statistics)
After I started using netdata, everything worked fine for a while. But
then many users started complaining that they are not able to access
sites. (Sometimes it worked and sometimes not.)
I could see SYN packets coming in but there were no SYN,ACK going back.
I quickly went through cache.log but did not find anything. (searched
for descriptors). I believe (but not 100% sure) that this happened only
with those on transparent proxy. (again not sure)
Then I restarted the squid and all was well. But then issue happened
again and I disabled netdata's squid module and now all is working fine
from few days.
So I suspect that netdata calling squidclient every second is not a
right thing to do. Its probably causing denial-of-service on squid.
1) Is there any squid setting which I can adjust? (File descriptors
available is 16384)
2) Is calling squidclient so frequently a right thing to do by netdata?
Its probably over loading squid. (I will report to netdata if not)
More information about the squid-users