Re: [squid-users] connections from particular users sometimes get stuck
On 09/27/2016 02:02 PM, Eugene M. Zheganin wrote: > I guess squid > didn't get a way to increase debug level on the fly ? "squid -k debug" (or sending an equivalent signal) does that: http://wiki.squid-cache.org/SquidFaq/BugReporting#Detailed_Debug_Output You will not get ALL,9 this way, unfortunately, but ALL,7 might be enough. Alex. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] connections from particular users sometimes get stuck
Hi. On 28.09.2016 0:29, Alex Rousskov wrote: Since you can reproduce this, I suggest collecting ALL,9 log for the stuck master transaction: http://wiki.squid-cache.org/SquidFaq/BugReporting#Debugging_a_single_transaction If collecting a debugging trace is impossible for some reason, then collect the corresponding TCP packets on the Squid to origin server link and post actual packets (not screenshots of packet summaries) from both connections. The debugging trace will most likely have the answer. The packet trace might have the answer. You may need to change user credentials for this test or after posting the details requested above. Well... I cannot reproduce it on purpose, I'm just saying it is self-reproducible for almost a year, in certain moments of time. Collecting a debug trace isn't hard by itself, but I'm pretty sure the restart will clear this state for a current machine (I guess squid didn't get a way to increase debug level on the fly ? at least I'm not aware of it; so I will need to restart it to set ALL,9), and I'll have to run with ALL,9 for quite some time, which is, obviously, not good for production, because it will create enormous amounts of logging in cache log. So I will post the tcpdump containing both exchanges, and if it will be still unclear I'll think about running in a debug mode. Thanks. Eugene. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] connections from particular users sometimes get stuck
On 09/27/2016 11:13 AM, Eugene M. Zheganin wrote: > The wireshark screen where the issue is isolated for one particular > connection can be found here - > https://gyazo.com/fdec1d9d7c31a75afc7d4676abb83d15 (it's really a simple > picture: TCP connection establishing, then GET -> 407 -> GET and bunch > of keepalives, not a rocket science). > > Any ideas ? Since you can reproduce this, I suggest collecting ALL,9 log for the stuck master transaction: http://wiki.squid-cache.org/SquidFaq/BugReporting#Debugging_a_single_transaction If collecting a debugging trace is impossible for some reason, then collect the corresponding TCP packets on the Squid to origin server link and post actual packets (not screenshots of packet summaries) from both connections. The debugging trace will most likely have the answer. The packet trace might have the answer. You may need to change user credentials for this test or after posting the details requested above. Cheers, Alex. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
[squid-users] connections from particular users sometimes get stuck
Hi. I have a weird problem. I run a squid cache 3.5.19 on FreeBSD/amd64, with about 300 active users, lots of authentication, external helpers (yeah, it's usually the place when one starts to post configs, but let me get to the point), and everything basically works just fine, but sometimes one particular user (don't know, may be it's one particular machine or some other entity) starts to have troubles. Usual trouble looks like the following: - around 299 users are working and authenticatiing just fine - one particular user starts experiencing connection stucking: his browser requests a web page, it starts to load and then some random object on it blocks indefinitely. - this happens every time on one machine, for the time given. This machine is permanent for a given issue, until it's gone. Then it's some another machine, and I cannot figure out the pattern. - this machine may be locked in this malfuctioning state for days. This state is usually cleared by the squid restart, or it may clear itself. - after a month or so the issue appears on another machine. and it persists on a new machine for quite some time. On a l3 level this looks simple: browser requests an object, gets 407 answer, replies with proper credentials set and then this connection goes indefinitely into a keepalived state: the squid and the browser send keepalives to each other, but nothing happens other than keepalives. User sees the spinning loader on a browser tab, and some content inside the tab, depending on how many objects the browses has received. In the same time new connections to squid are opening from this machine just fine, and the basic connectivity is normal for both the squid and the troubled machine. Furthermore, I'm sure that this problem isn't caused by bottlenecks on the squid machine: because it this way all the users would have eventually this problem, not only one. In the same time these aren't bottlenecks on the user machine: while the browser is stuck, other applications are working fine. If I switch the proxy to a backup squid (on another server) this machine is able to browse the internet. I really need to solve this, but I have no idea where to start. The error log show nothing suspicious. The wireshark screen where the issue is isolated for one particular connection can be found here - https://gyazo.com/fdec1d9d7c31a75afc7d4676abb83d15 (it's really a simple picture: TCP connection establishing, then GET -> 407 -> GET and bunch of keepalives, not a rocket science). Any ideas ? Thanks. Eugene. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] How to log url_rewrite_program results
On 09/26/2016 09:25 PM, Michael Pelletier wrote:
> I tried
> %{message}note %{status}note
> But I do not get results...
Did your helper return message=... and status=... annotations to Squid?
The %note logformat code expands into transaction annotations.
Annotations come from helpers (and other sources irrelevant for this
discussion).
> All I am trying to log is the ACL that was matched and the result. Is
> the default in url_rewrite_extras good enough?
You seem to be asking a question that only you can answer: You know what
your helper can do and how it is used. url_rewrite_extras is about
information passed from Squid to your helper. You know what information
the default url_rewrite_extras passes to your helper. Is that
information enough for your helper to responds with annotations
containing "the ACL that was matched and the result" info?
Alex.
> On Mon, Sep 26, 2016 at 10:59 PM, Michael Pelletier wrote:
>
> OK. I will try this. Really, All I am trying to log is the ACL that
> was matched and the result. Is the default in *url_rewrite_extras
> good enough?
> *
>
> On Mon, Sep 26, 2016 at 5:04 PM, Amos Jeffries > wrote:
>
> On 27/09/2016 2:50 a.m., Michael Pelletier wrote:
> > Hello,
> >
> > I have a custom logformat and I would like to log the results of my
> url
> > rewriter (urlfilterdb). I can't seem to get this to work. Can
> someone tell
> > me the basics?
>
> The helper potocol is outlined at
> >.
>
> Each 'key=' in the helper output gets appended to the HTTP
> transaction
> as an annotation 'note'. The logging can display these via the
> %note{key-name} format code.
>
> For older helpers that use the pre-3.4 protocol without kv-pairs
> their
> responses get mapped into the kv-pair format. So you should see
> the same
> %note{url} or %note{rewrite-url} annotations at logging time
> even with
> older helpers.
>
> Amos
>
> ___
> squid-users mailing list
> squid-users@lists.squid-cache.org
>
> http://lists.squid-cache.org/listinfo/squid-users
>
>
>
>
>
> *Disclaimer: *Under Florida law, e-mail addresses are public records. If
> you do not want your e-mail address released in response to a public
> records request, do not send electronic mail to this entity. Instead,
> contact this office by phone or in writing.
>
>
>
> ___
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] R: Re: problem reload configuration with workers
On 09/27/2016 03:15 AM, ama...@tin.it wrote:
> I have resolve my problem changing the workers configuration from:
>
> workers 4
> http_access allow localhost
> http_port localhost:
> 400${process_number}
> cache_dir aufs /var/spool/squid 16384 32 512
>
> cache_dir rock /var/spool/squid/rock 16384 max-size=32768
> cache_dir aufs /var/spool/squid/squid-cache0${process_number} 16384 16 512
> min-size=32769
The above combination of SMP-aware and SMP-unaware caches is unsupported
and probably will not work.
> to
>
> workers 4
> http_access allow localhost
> http_port
> localhost:400${process_number}
> cache_dir rock /var/spool/squid/rock 16384 max-size=32768
>
> if ${process_number} = 1
> cache_dir aufs /var/spool/squid/squid-cache01 16384 16 512
> min-size=32769
> endif
> if
> ${process_number} = 2
> cache_dir aufs /var/spool/squid/squid-cache02 16384 16 512
> min-size=32769
> endif
> if ${process_number} = 3
> cache_dir aufs /var/spool/squid/squid-cache03 16384 16 512
> min-size=32769
> endif
> if ${process_number} = 4
> cache_dir aufs /var/spool/squid/squid-cache04 16384 16 512
> min-size=32769
> endif
The above is equivalent to
workers 4
http_access allow localhost
http_port
localhost:400${process_number}
cache_dir rock /var/spool/squid/rock 16384 max-size=32768
cache_dir aufs /var/spool/squid/squid-cache${process_number} 16384 ...
which is still an unsupported combination of SMP-aware and SMP-unaware
caches that probably will not work.
BTW, why do you give each worker a dedicated listening port (i.e.,
"400${process_number}")?
Alex.
> Messaggio originale
> Da: rousskov@measurement-factory.
> com
> Data: 26-set-2016 16.12
> A:
> Cc:
> "ama...@tin.it"
> Ogg: Re: [squid-users] problem reload
> configuration with workers
>
> On 09/26/2016 08:02 AM, ama...@tin.it
> wrote:
>
>> I'm using squid 3.5.21-20160908-r14081 and for the first time
> I'm
>> using workers configuration. I have a problem:
>> when I reload
> configuration (via init script)
>> suid -k reconfigure -f
> /et/squid/squid.conf
>
> I assume that by "suid" you meant "squid". If
> yes, then the above
> command is a correct way to reconfigure Squid,
> including SMP Squid.
>
>
>> the system kill squid-coord and squid-disk
>
>
> Does "the system" do more than run "squid -k reconfigure ..."?
>
> * If
> not, then "the system" does not kill squid-coord and squid-disk
>
> (something else does).
>
> * If yes, then you should fix your system
> script. Perhaps it thinks that
> Squid died and tries to kill/restart it?
>
>
>
>> So I have to remove pd
>> file and lock files and restart squid.
>>
> Please, do it exist a solution
>> to reload with restart squid?
>
>
> Reconfiguration should work "as is". If it does not work, file a bug
>
> report with details such as your system command(s) and resulting
> cache.
> log and syslog output.
>
>
>> I tried also using something like:
>>
>>
> pid_filename /var/run/squid/squid-{proccess_number}.
>
> Please do not do
> that. SMP Squid is designed to work with a single
> configuration file
> without SMP macros.
>
>
> Thank you,
>
> Alex.
>
>
>
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
[squid-users] R: Re: problem reload configuration with workers
Hi Alex
thank you for your answer.
Obviously, I intended to write
squid.
I have resolve my problem changing the workers configuration
from:
workers 4
http_access allow localhost
http_port localhost:
400${process_number}
cache_dir aufs /var/spool/squid 16384 32 512
cache_dir rock /var/spool/squid/rock 16384 max-size=32768
cache_dir
aufs /var/spool/squid/squid-cache0${process_number} 16384 16 512 min-
size=32769
to
workers 4
http_access allow localhost
http_port
localhost:400${process_number}
cache_dir rock /var/spool/squid/rock
16384 max-size=32768
if ${process_number} = 1
cache_dir aufs
/var/spool/squid/squid-cache01 16384 16 512 min-size=32769
endif
if
${process_number} = 2
cache_dir aufs /var/spool/squid/squid-
cache02 16384 16 512 min-size=32769
endif
if ${process_number} = 3
cache_dir aufs /var/spool/squid/squid-cache03 16384 16 512 min-
size=32769
endif
if ${process_number} = 4
cache_dir aufs
/var/spool/squid/squid-cache04 16384 16 512 min-size=32769
endif
Thank you
Messaggio originale
Da: rousskov@measurement-factory.
com
Data: 26-set-2016 16.12
A:
Cc:
"ama...@tin.it"
Ogg: Re: [squid-users] problem reload
configuration with workers
On 09/26/2016 08:02 AM, ama...@tin.it
wrote:
> I'm using squid 3.5.21-20160908-r14081 and for the first time
I'm
> using workers configuration. I have a problem:
> when I reload
configuration (via init script)
> suid -k reconfigure -f
/et/squid/squid.conf
I assume that by "suid" you meant "squid". If
yes, then the above
command is a correct way to reconfigure Squid,
including SMP Squid.
> the system kill squid-coord and squid-disk
Does "the system" do more than run "squid -k reconfigure ..."?
* If
not, then "the system" does not kill squid-coord and squid-disk
(something else does).
* If yes, then you should fix your system
script. Perhaps it thinks that
Squid died and tries to kill/restart it?
> So I have to remove pd
> file and lock files and restart squid.
>
Please, do it exist a solution
> to reload with restart squid?
Reconfiguration should work "as is". If it does not work, file a bug
report with details such as your system command(s) and resulting
cache.
log and syslog output.
> I tried also using something like:
>
>
pid_filename /var/run/squid/squid-{proccess_number}.
Please do not do
that. SMP Squid is designed to work with a single
configuration file
without SMP macros.
Thank you,
Alex.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
