[squid-users] SQUID with cache_peer config + E2guardian - too many connections

Contato - KONNTROL contato at konntrol.com.br
Wed Jul 29 01:07:19 UTC 2020


Hello Everyone,
Greetings.

Background:
OS - FreeBSD 12.1
SQUID ver 4.10
OpenSSL 1.0.2u

I am trying to use SQUID in front of E2Guardian (content filter) with the
following configuration at the SQUID side.

###
cache_peer 127.0.0.1 parent 8080 0 login=*:password
client_persistent_connections on
always_direct deny all
never_direct allow all
###

It works fine till the point  SQUID exhausts all E2Guardian threads/workers,
no matter the amount you set. If 1000, SQUID is opening 1000 connections. If
10.000, squid also opens 10.000 connections.
I tried the directive "client_persistent_connections on and off" with no
success.
Even using a single browser for testing purposes, for some reason SQUID
opens thousands of connections against the E2guardian.
I did a wireshark capture to "see" what is  happening and it seems like a
lot of ACK/SYN with no payload.

Any idea? Maybe I am using a wrong configuration.

By the way, I am using SQUID in front of E2Guardian cause I use Kerberos
authentication (not supported by E2guardian) with FORWARDX option enable.

Thanks In advance,

Cordially.
Fabricio.




More information about the squid-users mailing list