[squid-users] squid and netdata causes squid to drop SYN?

Amish anon.amish at gmail.com
Tue Jan 21 04:28:15 UTC 2020


Recently, I started using netdata to monitor various system functions 
(which also monitors squid)

I am using squid (v4.9) with transparent (NAT) as well as Proxy mode (on 
different ports). Network has 10-15 users. Some on transparent proxy 
(redirection to port 3128) and some via proxy setting (port 8080) in 

Netdata calls squidclient every second to fetch squid statistics. (for 
generating per second graphs / statistics)

After I started using netdata, everything worked fine for a while. But 
then many users started complaining that they are not able to access 
sites. (Sometimes it worked and sometimes not.)

I could see SYN packets coming in but there were no SYN,ACK going back. 
I quickly went through cache.log but did not find anything. (searched 
for descriptors). I believe (but not 100% sure) that this happened only 
with those on transparent proxy. (again not sure)

Then I restarted the squid and all was well. But then issue happened 
again and I disabled netdata's squid module and now all is working fine 
from few days.

So I suspect that netdata calling squidclient every second is not a 
right thing to do. Its probably causing denial-of-service on squid.

1) Is there any squid setting which I can adjust? (File descriptors 
available is 16384)
2) Is calling squidclient so frequently a right thing to do by netdata? 
Its probably over loading squid. (I will report to netdata if not)

Please guide,

Thank you,



