Re: [squid-users] code red is making horrible on our network

From: Luiz Lima <llima@dont-contact.us>
Date: Sun, 12 Aug 2001 22:58:08 -0300

> Do you have a squid acl denying code-red urls?

ACLs won't do. The request is denied by Squid by default because Squid
considers them invalid and returns a 411 error (and logs NONE/411).

The problem seems to be Squid trying to send the error back to the client.
Since the originating computer's bandwidth is too busy with Code Red, Squid
can't send the errors fast enough, taking all SYN connections made available
by the kernel.

Looks like changing tcp_max_syn_backlog to a higher number fix the problem
because, even though the box will have to work hard anyway, at least it
won't be stopped by the Code Red flood.

---
Luiz Lima
Image Link Internet
http://www.imagelink.com.br
Received on Sun Aug 12 2001 - 19:58:17 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:35 MST