Hi,
I have squid setup to log all requests for security reasons.
When doing an npm install, npm sometimes gets a connection reset error
and fails.
In the cache log, I can see many messages like :

2022/05/12 09:20:00 kid1| helperOpenServers: Starting 1/32 'ssl_crtd' processes
2022/05/12 09:20:00 kid1| WARNING: All 32/32 ssl_crtd processes are busy.
2022/05/12 09:20:00 kid1| WARNING: 32 pending requests queued
2022/05/12 09:20:00 kid1| WARNING: Consider increasing the number of
ssl_crtd processes in your config file.
2022/05/12 09:20:00 kid1| Queue overload, rejecting
2022/05/12 09:20:00 kid1| Queue overload, rejecting
(with 100s of queue overloads)

BUT http://www.squid-cache.org/Versions/v3/3.5/cfgman/sslcrtd_children.html
says the maximum safe value is 32. Later versions don't allow values over 32.
(I'm on 3.5)

So, where do I go from here??

What is the "unsafe" worst case? Packet loss, high server load, squid
crashing out, etc..?

I did increase it to 64 and the idle to 5 so far haven't seen one of
the failures from npm, but my cache log still shows :

2022/05/12 10:14:30 kid1| helperOpenServers: Starting 5/64 'ssl_crtd' processes
2022/05/12 10:14:30 kid1| Starting new ssl_crtd helpers...
2022/05/12 10:14:30 kid1| helperOpenServers: Starting 4/64 'ssl_crtd' processes
2022/05/12 10:14:44 kid1| WARNING: All 64/64 ssl_crtd processes are busy.
2022/05/12 10:14:44 kid1| WARNING: 64 pending requests queued
2022/05/12 10:14:44 kid1| WARNING: Consider increasing the number of
ssl_crtd processes in your config file.
2022/05/12 10:14:44 kid1| Queue overload, rejecting
2022/05/12 10:14:44 kid1| Queue overload, rejecting

Which queue do I increase to prevent the overload? Squid is configured
without any auth, mostly ACL and ssl setup.


Thanks
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Reply via email to