[squid-users] Issues with Squid Listening on 254 IP Addresses

Alex Rousskov rousskov at measurement-factory.com
Mon Sep 30 18:27:38 UTC 2024 

On 2024-09-30 09:08, Alexis DAVEAU wrote:

> wget http://www.squid-cache.org/Versions/v5/squid-5.2.tar.gz 
> tar -xzf squid-5.2.tar.gz
> cd squid-5.2
> export CXXFLAGS="-DMAXTCPLISTENPORTS=254"
> ./configure --prefix=/usr --localstatedir=/var 
> --libexecdir=/usr/lib/squid --datadir=/usr/share/squid \
> --sysconfdir=/etc/squid --with-logdir=/var/log/squid 
> --with-pidfile=/var/run/squid.pid \
> --enable-ssl --enable-ssl-crtd --enable-auth --enable-cache-digests \
> --enable-removal-policies="lru,heap" --enable-follow-x-forwarded-for
> make
> sudo make install
> But again, after running squid -v, the custom flag doesn't appear, and 
> the limit for the number of listening IP addresses is still in place.


FWIW, Squid v6 builds as expected in my tests:

> $ ./src/squid -v
> Squid Cache: Version 6.11-VCS
> Service Name: squid
> configure options:  'CXXFLAGS=-DMAXTCPLISTENPORTS=254'

And I can also see the right -D option being passed to individual g++ 
commands during "make".


I also get the expected result with Squid the latest (unsupported) v5:

> $ ./src/squid -v
> Squid Cache: Version 5.10-VCS
> Service Name: squid
> configure options:  'CXXFLAGS=-DMAXTCPLISTENPORTS=254'


I tried to use your ./configure options, but they do not work for me:

> configure: error: You need ssl gatewaying support to enable ssl-crtd feature. Try to use --with-openssl.

Hint: Replace ancient "--enable-ssl" with "--with-openssl".


Is it possible that a ./configure failure was missed in your build 
sequence? Or perhaps you are building one Squid binary but testing another?


HTH,

Alex.


> I’ve tested with various versions of Squid, ranging from 4.8 to 5.9, but 
> none of them seem to apply the custom flag for increasing the number of 
> listening addresses/ports.
> 
> Questions:
> How can I confirm that Squid is applying the MAXTCPLISTENPORTS value? Is 
> there a way to force Squid to recognize this parameter?
> Is there an alternative method to configure Squid to handle 254 IP 
> addresses without recompiling? Am I missing a critical step in the build 
> process?
> Do you have any recommendations to optimize the configuration for 
> managing an entire /24 prefix with 254 addresses?
> Any advice or suggestions would be greatly appreciated! I’ve done 
> extensive research on the issue, but I haven’t found a solution yet.
> 
> Thanks in advance for your help!
> 
> Best regards,
> Alexis
> 
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> https://lists.squid-cache.org/listinfo/squid-users

More information about the squid-users mailing list