commBind: Cannot bind socket

From: Manuel Elgorriaga <>
Date: Tue, 20 Apr 1999 14:34:46 +0200

Hi all,
Well, I've recently found the same error messages as Dmitry E. Kiselyov
has described:
   "commBind: Cannot bind socket ..."
same thing, but in the previous squid version.
I'm running squid-2.1 patch 2 under Linux, Kernel 2.0.35 (from SuSE
5.3). The machine ist primarly the gateway from our intranet
to the internet, having thus 2 ethernet interfaces configured. The
gateway/server is running also the ipfwadm-Firewall with transparent
proxy enabled on port 80, and masquerading for some other services (ftp,
The problem (see the log-file entries from Appendix A, timestamps
deleted) shows up after starting squid and doing the first
http-request.At this moment the first error
   "commBind: Cannot bind socket FD 16 to (99) Cannot
assign requested address"
appears, followed immediately by the two lines:
   "icmpRecv: recv: (111) Connection refused", and
   "Closing Pinger socket on FD 39"
and contīnuing with the first message for every subsequent http request
(you won't believe, how quickly my log-files are growing this way!). As
you can see on some excerpt lines from my squid configuration file in
Appendix B (nothing special, no hierarchies, just a straightforward
proxy), I've defined the location of the pinger program and also the
parameters for accelerated proxy, because I soon have to install our
external Web server on this machine too (I know, it's not the best
solution), but, anyway, it's not running at this moment yet.
For more information, I give in Appendix C some of the firewall rules
that may play a role in this case, as well as the compilation optins of
squid (Appendix D).
And my obvious question now is: Why? What is happening (It didn't happen
with the previous versions of squid 2.0)? Is something wrong with my
configuration? Should I deactivate the pinger program and ICMP?
Sorry for the big mail with all the Appendices, but I try to give as
much clues as possible. Any hints greatly appreciated and many thanks in
Manuel Elgorriaga
Swiss Library for the Blind

Appendix A: log entries when starting squid and doing a first
 Starting Squid Cache version 2.1.PATCH2 for i686-pc-linux-gnu...
 Process ID 4497
 With 256 file descriptors available
 helperOpenServers: Starting 5 'dnsserver' processes
 Unlinkd pipe opened on FD 14
 Swap maxSize 102400 KB, estimated 7876 objects
 Target number of buckets: 157
 Using 8192 Store buckets, replacement runs every 10 seconds
 Max Mem size: 8192 KB
 Max Swap size: 102400 KB
 Rebuilding storage in Cache Dir #0 (DIRTY)
 Loaded Icons.
 Accepting HTTP connections on port 80, FD 37.
 Pinger socket opened on FD 39
 NETDB state reloaded; 0 entries, 11 msec
 Ready to serve requests.
 Done reading Cache Dir #0 swaplog (13504 entries)
 Finished rebuilding storage disk.
     12149 Entries read from previous logfile.
         0 Entries scanned from swap files.
         0 Invalid entries.
         0 With invalid flags.
     10798 Objects loaded.
         0 Objects expired.
      1351 Objects cancelled.
         0 Duplicate URLs purged.
         0 Swapfile clashes avoided.
   Took 0 seconds (10798.0 objects/sec).
 Beginning Validation Procedure
   Completed Validation Procedure
   Validated 10798 Entries
   store_swap_size = 87274k
 storeLateRelease: released 0 objects
 commBind: Cannot bind socket FD 16 to (99) Cannot
assign requested address
 icmpRecv: recv: (111) Connection refused
 Closing Pinger socket on FD 39
 commBind: Cannot bind socket FD 19 to (99) Cannot
assign requested address
 commBind: Cannot bind socket FD 21 to (99) Cannot
assign requested address
 commBind: Cannot bind socket FD 22 to (99) Cannot
assign requested address
 ... (and so on, on every http request) ...

Appendix B: Extract from squid.conf
http_port 80
pinger_program /usr/local/squid/bin/pinger
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

Appendix C: Extract from the firewall rules on the gateway (gw) where
squid is running
... (initializations) ...
# Transparent Proxy for HTTP
ipfwadm -I -a acc -S $ip_any_intranet $highports -D $ip_any_world $http
-P tcp -r 80 -V $ip_gw_intranet
# Unlimited traffic within the intranet
ipfwadm -I -a accept -V $ip_gw_intranet
ipfwadm -O -a accept -V $ip_gw_intranet
# Unlimited traffic for loopback
ipfwadm -I -a accept -V $ip_gw_lo
ipfwadm -O -a accept -V $ip_gw_lo
# Unlimited ICMP traffic
ipfwadm -O -a acc -S $ip_gw_internet -D $ip_any_world -P icmp -V
ipfwadm -I -a acc -S $ip_any_world -D $ip_gw_internet -P icmp -V
ipfwadm -F -a acc -S $ip_any_intranet -D $ip_any -P icmp
... (DNS firewall) ...
# HTTP (access from any intranet pc to the internet)
ipfwadm -O -a acc -S $ip_gw_internet $highports -D $ip_any_world $http
-P tcp -V $ip_gw_internet
ipfwadm -I -a acc -S $ip_any_world $http -D $ip_gw_internet $highports
-P tcp -V $ip_gw_internet -k
... (other services) ...

Appendix D: Compilation options for squid

* * * End of Mail * * *
Received on Tue Apr 20 1999 - 06:44:03 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:45:52 MST