On 23/04/2011 18:34, Andreas Braathen wrote:
I tried it, but it did not change anything. Squid still sends SYN packets to
establish state with destination.
Any other suggestions?
Sorry to tell you but you better try to just read the basics of tcp flow
to understand the meaning of a SYN pack
On Sat, 2011-04-23 at 21:24 +0800, jiluspo wrote:
> therefore squid 3.2 still cant preserve TOS value from remote server to
> clients.
Correct.
> hmn. what about the zph that requires kernel patch?
zph and qos_flows are the same thing. The names differ between different
versions of Squid.
> w
15000/min is 250 connections per second... Well within reason for any normal
system.
Some things you can play with from a tcp tuning perspective are:
net.ipv4.tcp_max_syn_backlog=1
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_max_tw_buckets=25
net.ipv4.tcp_fin_timeout=30
More details on them
Yeah but what to do when you have a very loaded squid server with more
than 15000 req/min ...you will notice in /var/log/messages that kernel
is sending syn cookies and slowing down requests coming to port 3128 !
On Sat, Apr 23, 2011 at 7:51 PM, Jim Binder wrote:
> syn cookies are a feature of th
syn cookies are a feature of the tcp stack to delay setting up full tcp state
to avoid resource starvation and to avoid syn floods (lots of syns never
completed freezing out good new connections.)
James S. Binder
408.761.1403 (cell)
On Apr 23, 2011, at 9:02 AM, Marcus Kool wrote:
> When
When a TCP connection is established, TCP SYN packets are exchanged.
Blocking SYN packets is the same as blocking all TCP traffic.
Andreas Braathen wrote:
I tried it, but it did not change anything. Squid still sends SYN packets to
establish state with destination.
Any other suggestions?
e
I tried it, but it did not change anything. Squid still sends SYN packets to
establish state with destination.
Any other suggestions?
>edit /etc/sysctl.conf
>change net.ipv4.tcp_syncookies=1 to net.ipv4.tcp_syncookies=0 and
>reboot. dont forget to remove the # from the beginning of the line.
>
On 23/04/2011 17:57, Hasanen AL-Bana wrote:
edit /etc/sysctl.conf
change net.ipv4.tcp_syncookies=1 to net.ipv4.tcp_syncookies=0 and
reboot. dont forget to remove the # from the beginning of the line.
On Sat, Apr 23, 2011 at 5:39 PM, Andreas Braathen
wrote:
Squid is sending SYN packets to des
edit /etc/sysctl.conf
change net.ipv4.tcp_syncookies=1 to net.ipv4.tcp_syncookies=0 and
reboot. dont forget to remove the # from the beginning of the line.
On Sat, Apr 23, 2011 at 5:39 PM, Andreas Braathen
wrote:
>
> Squid is sending SYN packets to destination when receiving GET request from
> i
Squid is sending SYN packets to destination when receiving GET request from
internals hosts. I want Squid to forward the GET request. How is this possible?
it might worth trying to change few bits in the source code and
implement this feature. I thought about adding 'tos' field to squid
reply_header structure and read this value from source. However ,
squid doesn't deal with packets, it deals with HTTP requests/replies.
in our case ,how do you guarant
On Sat, 2011-04-23 at 20:36 +0800, jiluspo wrote:
remote servers I mean http web servers TOS.
I already know about peers in fact current squid(as of 04/24/11) TOS are
not
being marked peer(digest or icp) hit when local miss.
http://bugs.squid-cache.org/show_bug.cgi?id=3202
AFAIK squid 2 series
On Sat, 2011-04-23 at 20:36 +0800, jiluspo wrote:
> remote servers I mean http web servers TOS.
> I already know about peers in fact current squid(as of 04/24/11) TOS are not
> being marked peer(digest or icp) hit when local miss.
> http://bugs.squid-cache.org/show_bug.cgi?id=3202
>
> AFAIK squid
remote servers I mean http web servers TOS.
I already know about peers in fact current squid(as of 04/24/11) TOS are not
being marked peer(digest or icp) hit when local miss.
http://bugs.squid-cache.org/show_bug.cgi?id=3202
AFAIK squid 2 series TOS always marked zero from remote servers.
accord
It depends on how squid is getting traffic from remote serversif
you are fetching requests from remote cache peer then it is possible
to set the TOS headers depending on the parent/sibling reply.
If you have a parent/sibling proxy configured in your local squid ,
then you can set the parent_hit
squid can set TOS but why squid cant get TOS value from remote server or
pass them on miss.
patching kernel for geting the TOS value and pass to squid is the only
solution? or it was chosen for highest performance...
--
This message has been scanned for viruses and
dangerous content by Mai
Hi Amos,
You mentioned in the post below that this is "One of the design flaws
we have not yet removed from Squid.". Is there a bug ID already?
http://www.squid-cache.org/mail-archive/squid-users/201011/0432.html
acl http_err_log http_status 301-307 400-406 408-417 500-
access_log /usr/local/squ
17 matches
Mail list logo
