[squid-users] SQUID with cache_peer config + E2guardian - too many connections
Contato - KONNTROL
contato at konntrol.com.br
Wed Jul 29 01:07:19 UTC 2020
Hello Everyone,
Greetings.
Background:
OS - FreeBSD 12.1
SQUID ver 4.10
OpenSSL 1.0.2u
I am trying to use SQUID in front of E2Guardian (content filter) with the
following configuration at the SQUID side.
###
cache_peer 127.0.0.1 parent 8080 0 login=*:password
client_persistent_connections on
always_direct deny all
never_direct allow all
###
It works fine till the point SQUID exhausts all E2Guardian threads/workers,
no matter the amount you set. If 1000, SQUID is opening 1000 connections. If
10.000, squid also opens 10.000 connections.
I tried the directive "client_persistent_connections on and off" with no
success.
Even using a single browser for testing purposes, for some reason SQUID
opens thousands of connections against the E2guardian.
I did a wireshark capture to "see" what is happening and it seems like a
lot of ACK/SYN with no payload.
Any idea? Maybe I am using a wrong configuration.
By the way, I am using SQUID in front of E2Guardian cause I use Kerberos
authentication (not supported by E2guardian) with FORWARDX option enable.
Thanks In advance,
Cordially.
Fabricio.
More information about the squid-users
mailing list