RE: Re: [squid-users] Squid 2.7 + SquidGuard + Squidclamav
Hey, The Servertraffic is less then 300KB/s. In this Company working 20 Peoples and some guys listening to internet Radio. Is there a Command for getting Squid status Stats like Usage of Redirectors and Dns request or something like that? If Squid tells "cans lookup hostname - > dns error" and i can get a dns respond with "dig google.de" what can it be, that Squid cant lookup? I think: if i restart Squid, all Cache and other things get cleaned, so there must be something that is full, e.g. any Queue because after restart it worked. Thanks for spending time on this > -Ursprüngliche Nachricht- > Von: Eliezer Croitoru > Gesendet: Do. 14.04.11 (01:02) > An: squid-users@squid-cache.org > Betreff: Re: [squid-users] Squid 2.7 + SquidGuard + Squidclamav > > On 13/04/2011 22:06, childrenofch...@freenet.de wrote: > > > Hey, > > > > The configuration listet above, runs longer 1 year without an > probs. > > Now we get the Squid Message: Timeout - DNS Error. > > > > first step i tried: dig google.de from the squid maschine. No > probs. > > i saw in the cache.log that all url_rewrite_children are busy, so i > screwd em up from 8 to 16. > > > how much traffic this server has? > if the url rewrite children are busy it's means too much usage or > inefficient rewriter. > if you need some help with the rewriter i can mange to build you a > great > one that based on java. > my java url rewriters works on one server with a log of traffic with > only 2 child and works much more efficient then many others. > > Eliezer > > Okey one Day later: DNS Error, and at this Time, no prob with the > url_rewrite_children. > > now i added some dns Server and the google dns Server (8.8.8.8) > which should be up, and what i recieved today :/ > > dns Error. > > After squid restart all works fine, no probles comes up in the logs > (in all logs) but after a day, the messaged blow up again. > > > > now i added dns_nameserver in the squid.conf but no idea any more? > > > > thanks for spending time on this. > > > > > > > > > > --- > > freenetMail - Der zuverlässige E-Mail-Dienst von freenet.de > > Jetzt > http://mail.freenet.de/produkte/basic/index.html?pid=10111947018 mit > 1 GB Speicher und Profi-Spamschutz sichern! > > > > -Ursprüngliche Nachricht Ende- --- freenetMail - Der zuverlässige E-Mail-Dienst von freenet.de Jetzt http://mail.freenet.de/produkte/basic/index.html?pid=10111947018 mit 1 GB Speicher und Profi-Spamschutz sichern!
Re: [squid-users] Squid 2.7 + SquidGuard + Squidclamav
On 13/04/2011 22:06, childrenofch...@freenet.de wrote: Hey, The configuration listet above, runs longer 1 year without an probs. Now we get the Squid Message: Timeout - DNS Error. first step i tried: dig google.de from the squid maschine. No probs. i saw in the cache.log that all url_rewrite_children are busy, so i screwd em up from 8 to 16. how much traffic this server has? if the url rewrite children are busy it's means too much usage or inefficient rewriter. if you need some help with the rewriter i can mange to build you a great one that based on java. my java url rewriters works on one server with a log of traffic with only 2 child and works much more efficient then many others. Eliezer Okey one Day later: DNS Error, and at this Time, no prob with the url_rewrite_children. now i added some dns Server and the google dns Server (8.8.8.8) which should be up, and what i recieved today :/ dns Error. After squid restart all works fine, no probles comes up in the logs (in all logs) but after a day, the messaged blow up again. now i added dns_nameserver in the squid.conf but no idea any more? thanks for spending time on this. --- freenetMail - Der zuverlässige E-Mail-Dienst von freenet.de Jetzt http://mail.freenet.de/produkte/basic/index.html?pid=10111947018 mit 1 GB Speicher und Profi-Spamschutz sichern!
RE: RE: Re: [squid-users] Squid 2.7 + SquidGuard + Squidclamav
Well, whichever route you decide to use, Squid in general is _very_ DNS dependant, so you need to make sure it can access DNS somehow without any delay or timeouts. Everyone's situation may differ, even from site to site (branch office to office) within the same company. Basically, you just need to use BIND's DNS tools to try and figure out where the problems lie, like whether there is a broken DNS server somewhere that you are referencing. >>> 4/13/2011 4:40 PM >>> Hey, currently it´s configured as: forward to ISP DNS and many more free dns server like google (8.8.8.8). Before i setup an own dns (bind) i used only dns proxy: iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to-destination 192.168.0.1:53 and the same with the tcp protokoll. (192.168.0.1 = Router with pppoe connect and dynamic dns "push" from isp) than, as the issues occour i setup the bind dns, and now i think the problems occour much more as before. The strange thing is, setup runs for a long time without any problems oO thanks > -Ursprüngliche Nachricht- > Von: Chad Naugle > Gesendet: Mi. 13.04.11 (22:31) > An: childrenofch...@freenet.de > Kopie: squid-users@squid-cache.org > Betreff: RE: Re: [squid-users] Squid 2.7 + SquidGuard + Squidclamav > > Does your "internal" DNS configuration use the root method, or does > it > forward to your ISP's DNS? I've noticed strange behavior (Notably > DNS > timeouts) recently with using the "root method" at one of my branch > offices, and had to ditch it for the ISP "forwarders" ... In my > case, > it seemed to have something to do with IPv6 results from the root > servers, and it was causing BIND to timeout, but the second query of > the > same website came back instantly. > > >>> 4/13/2011 4:21 PM >>> > hey, > > i did that already :( > and now i get the same error on my on squid maschine > can´t see anything in the logfiles > > > -Ursprüngliche Nachricht----- > > Von: Chad Naugle > > Gesendet: Mi. 13.04.11 (22:03) > > An: childrenofch...@freenet.de, squid-users@squid-cache.org > > Betreff: Re: [squid-users] Squid 2.7 + SquidGuard + Squidclamav > > > > Personally, I would setup a caching-only instance of BIND on the > > proxy, > > and using that for DNS, or using your "internal" DNS system on your > > network, rather than depending on an outside source for all of your > > DNS. > > > > >>> 4/13/2011 3:06 PM >>> > > Hey, > > > > The configuration listet above, runs longer 1 year without an > probs. > > Now we get the Squid Message: Timeout - DNS Error. > > > > first step i tried: dig google.de from the squid maschine. No > probs. > > i saw in the cache.log that all url_rewrite_children are busy, so i > > screwd em up from 8 to 16. > > > > Okey one Day later: DNS Error, and at this Time, no prob with the > > url_rewrite_children. > > now i added some dns Server and the google dns Server (8.8.8.8) > which > > should be up, and what i recieved today :/ > > dns Error. > > After squid restart all works fine, no probles comes up in the logs > > (in > > all logs) but after a day, the messaged blow up again. > > > > now i added dns_nameserver in the squid.conf but no idea any more? > > > > thanks for spending time on this. > > > > > > > > > > --- > > freenetMail - Der zuverlässige E-Mail-Dienst von freenet.de > > Jetzt > > http://mail.freenet.de/produkte/basic/index.html?pid=10111947018 > > mit 1 GB Speicher und Profi-Spamschutz sichern! > > > > > > Travel Impressions made the following annotations > > - > > "This message and any attachments are solely for the intended > > recipient > > and may contain confidential or privileged information. If you are > > not > > the intended recipient, any disclosure, copying, use, or > distribution > > of > > the information included in this message and any attachments is > > prohibited. If you have received this communication in error, > please > > notify us by reply e-mail and immediately and permanently delete > this > > message and any attachments. > > Thank you." > > > > > > -Ursprüngliche Nachricht Ende- > > > > > --- > freenetMail - Der zuverlässige E-Mail-Dienst von freenet.de > Jetzt > http://mail.freenet.de/produkte/basic/index.html?pid=10111947018 > mit 1 GB Speicher und Profi-Spamschutz sichern! > > > Travel
RE: Re: [squid-users] Squid 2.7 + SquidGuard + Squidclamav
Does your "internal" DNS configuration use the root method, or does it forward to your ISP's DNS? I've noticed strange behavior (Notably DNS timeouts) recently with using the "root method" at one of my branch offices, and had to ditch it for the ISP "forwarders" ... In my case, it seemed to have something to do with IPv6 results from the root servers, and it was causing BIND to timeout, but the second query of the same website came back instantly. >>> 4/13/2011 4:21 PM >>> hey, i did that already :( and now i get the same error on my on squid maschine can´t see anything in the logfiles > -Ursprüngliche Nachricht- > Von: Chad Naugle > Gesendet: Mi. 13.04.11 (22:03) > An: childrenofch...@freenet.de, squid-users@squid-cache.org > Betreff: Re: [squid-users] Squid 2.7 + SquidGuard + Squidclamav > > Personally, I would setup a caching-only instance of BIND on the > proxy, > and using that for DNS, or using your "internal" DNS system on your > network, rather than depending on an outside source for all of your > DNS. > > >>> 4/13/2011 3:06 PM >>> > Hey, > > The configuration listet above, runs longer 1 year without an probs. > Now we get the Squid Message: Timeout - DNS Error. > > first step i tried: dig google.de from the squid maschine. No probs. > i saw in the cache.log that all url_rewrite_children are busy, so i > screwd em up from 8 to 16. > > Okey one Day later: DNS Error, and at this Time, no prob with the > url_rewrite_children. > now i added some dns Server and the google dns Server (8.8.8.8) which > should be up, and what i recieved today :/ > dns Error. > After squid restart all works fine, no probles comes up in the logs > (in > all logs) but after a day, the messaged blow up again. > > now i added dns_nameserver in the squid.conf but no idea any more? > > thanks for spending time on this. > > > > > --- > freenetMail - Der zuverlässige E-Mail-Dienst von freenet.de > Jetzt > http://mail.freenet.de/produkte/basic/index.html?pid=10111947018 > mit 1 GB Speicher und Profi-Spamschutz sichern! > > > Travel Impressions made the following annotations > - > "This message and any attachments are solely for the intended > recipient > and may contain confidential or privileged information. If you are > not > the intended recipient, any disclosure, copying, use, or distribution > of > the information included in this message and any attachments is > prohibited. If you have received this communication in error, please > notify us by reply e-mail and immediately and permanently delete this > message and any attachments. > Thank you." > > > -Ursprüngliche Nachricht Ende- --- freenetMail - Der zuverlässige E-Mail-Dienst von freenet.de Jetzt http://mail.freenet.de/produkte/basic/index.html?pid=10111947018 mit 1 GB Speicher und Profi-Spamschutz sichern! Travel Impressions made the following annotations - "This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank you."
Re: [squid-users] Squid 2.7 + SquidGuard + Squidclamav
Personally, I would setup a caching-only instance of BIND on the proxy, and using that for DNS, or using your "internal" DNS system on your network, rather than depending on an outside source for all of your DNS. >>> 4/13/2011 3:06 PM >>> Hey, The configuration listet above, runs longer 1 year without an probs. Now we get the Squid Message: Timeout - DNS Error. first step i tried: dig google.de from the squid maschine. No probs. i saw in the cache.log that all url_rewrite_children are busy, so i screwd em up from 8 to 16. Okey one Day later: DNS Error, and at this Time, no prob with the url_rewrite_children. now i added some dns Server and the google dns Server (8.8.8.8) which should be up, and what i recieved today :/ dns Error. After squid restart all works fine, no probles comes up in the logs (in all logs) but after a day, the messaged blow up again. now i added dns_nameserver in the squid.conf but no idea any more? thanks for spending time on this. --- freenetMail - Der zuverlässige E-Mail-Dienst von freenet.de Jetzt http://mail.freenet.de/produkte/basic/index.html?pid=10111947018 mit 1 GB Speicher und Profi-Spamschutz sichern! Travel Impressions made the following annotations - "This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank you."
[squid-users] Squid 2.7 + SquidGuard + Squidclamav
Hey, The configuration listet above, runs longer 1 year without an probs. Now we get the Squid Message: Timeout - DNS Error. first step i tried: dig google.de from the squid maschine. No probs. i saw in the cache.log that all url_rewrite_children are busy, so i screwd em up from 8 to 16. Okey one Day later: DNS Error, and at this Time, no prob with the url_rewrite_children. now i added some dns Server and the google dns Server (8.8.8.8) which should be up, and what i recieved today :/ dns Error. After squid restart all works fine, no probles comes up in the logs (in all logs) but after a day, the messaged blow up again. now i added dns_nameserver in the squid.conf but no idea any more? thanks for spending time on this. --- freenetMail - Der zuverlässige E-Mail-Dienst von freenet.de Jetzt http://mail.freenet.de/produkte/basic/index.html?pid=10111947018 mit 1 GB Speicher und Profi-Spamschutz sichern!
