[squid-users] Error Resolution (TunnelStateData::Connection:: error )

Iruma Keisuke su.maji.ke at gmail.com
Thu Jun 4 13:18:43 UTC 2015 

Thank you Amos.

2015-06-02 23:07 GMT+09:00, Amos Jeffries <squid3 at treenet.co.nz>:
> On 2/06/2015 9:15 p.m., Irimajiri keisuke wrote:
>> Dear all,
>>
>> I have to build a proxy server by using the squid.
>> The number of clients is 400 people.
>>
>> I do not know the cause of the error message that appears in the
>> cache.log.
>> In the weekday, I have come up with an error every few hours 8:00 to
>> 18:00.
>> Access concentration I look like does not matter.
>>
>> [cache.log error message]
>> 2015/05/11 13:37:24| TunnelStateData::Connection:: error : FD 610:
>> read/write failure: (110) Connection timed out
>>
>> Why I want to know whether this error has occurred.
>
> Yes it has occured. You would not be seeing it otherwise.
>
>> Also, I want to know the impact on the user.
>
> The user who is causing the problem is probably not impacted at all.
> Every other user sharing the proxy is impacted by the reduction in
> available network socket, memory and CPU resources.
>
It seems to be no abnormality in the state of network sockets and
memory and CPU.
Is it safe to ignore this error?

>
>>
>> [squidclient mgr:filedescriptor]
>> Every five minutes record
>> extract FD610
>>
>> It looks like an error has occurred in the use to which the terminal
>> of xxx.xxx.2.115 user.
>> Is it a problem of communication of the user and the proxy?
>>
>
> Nothing happened on a TCP conection for a long time. It was closed by
> the networking sub-systems somewhere between Squid and the client.
>

Do error is not out on the web browser?
Could you detailed information about TCP state and the state of the
user when an error has occurred.


>> Active file descriptors:
>> File Type   Tout Nread  * Nwrite * Remote Address        Description
>> ---- ------ ---- -------- -------- ---------------------
>> ------------------------------
>>  610 Socket  893    39494*   50228  xxx.xxx.xxx.162:443
>> outlook.office365.com:443       2015/05/11_13:08:29
>>  610 Socket 86329   45754*  103329  xxx.xxx.6.141:50174   Reading next
>> request         2015/05/11_13:13:29
>>  610 Socket 86258    6516*   13975  xxx.xxx.2.115:50820   Reading next
>> request         2015/05/11_13:18:29
>>  610 Socket 85958   12472*   34531* xxx.xxx.2.115:50820   Reading next
>> request         2015/05/11_13:23:29
>>  610 Socket 85657   12472*   34531* xxx.xxx.2.115:50820   Reading next
>> request         2015/05/11_13:28:29
>>  610 Socket 85357   12472*   34531* xxx.xxx.2.115:50820   Reading next
>> request         2015/05/11_13:33:29
>>  610 Socket 86336    3652*    8003  xxx.xxx.3.152:50817   Reading next
>> request         2015/05/11_13:38:29
>>
>> [access.log]
>> I do not see suspicious error log I tried to extract the address
>> xxx.xxx.2.115.
>>
>> Please tell me a good idea toward someone solve.
>
> Please provided additional details:
>  * Squid version
>  * Squid configuration
>
>
> I suspect you have a quite old verion of Squid. That particular error
> message does not even exist in the code any more. The current releases
> display much more TCP details about the connection where the error occured.
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>

squid version is squid-3.1.10-29.
This is the latest version that RedHat is delivering.

[squid.conf]
------------------------------------
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly
plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80		# http
acl Safe_ports port 21		# ftp
acl Safe_ports port 443		# https
acl Safe_ports port 70		# gopher
acl Safe_ports port 210		# wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280		# http-mgmt
acl Safe_ports port 488		# gss-http
acl Safe_ports port 591		# filemaker
acl Safe_ports port 777		# multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow all
http_port 192.168.1.1:8080
hierarchy_stoplist cgi-bin ?
coredump_dir /var/spool/squid
refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern .		0	20%	4320

cache_mem 2048 MB
cache_store_log none
visible_hostname unknown
request_header_access X-FORWARDED-FOR deny all
request_header_access Via deny all
max_filedesc 10240
ipcache_size 10240
-----------------------------------------------

Please let me ask further questions
Are these has to do with the error?
http://www.squid-cache.org/Doc/code/tunnel_8cc_source.html

472 TunnelStateData::Connection::error(int const xerrno)
473 {
474  /* XXX fixme xstrerror and xerrno... */
475  errno = xerrno;
476
477  debugs(50, debugLevelForError(xerrno), HERE << conn << ":
read/write failure: " << xstrerror());
478
479  if (!ignoreErrno(xerrno))
480  conn->close();
481 }

536  /* Bump the dest connection read timeout on any activity */
537  /* see Bug 3659: tunnels can be weird, with very long one-way transfers */
538  if (Comm::IsConnOpen(to.conn)) {
539  AsyncCall::Pointer timeoutCall = commCbCall(5, 4, "tunnelTimeout",
540  CommTimeoutCbPtrFun(tunnelTimeout, this));
541  commSetConnTimeout(to.conn, Config.Timeout.read, timeoutCall);
542  }
543

More information about the squid-users mailing list