Dear group
I've a problem about packet dropped on Linux Gentoo.
I use squid squid-2.5.STABLE3 and Linux kernel 2.4.26=gentoo-r6
node04 root # uname -a
Linux node04 2.4.26-gentoo-r6 #4 Thu Jul 29 17:29:09 ICT 2004 i686
Intel(R) Pentium(R) 4 CPU 2.80GHz GenuineIntel GNU/Linux
the system is dedicated to run squid only. all our client is dial-up
modem 56K and it serve up to 500 request/s
we use WCCPv2 + Cisco router for redirect packet to squid on port 80
and we use iptables redirect all port 80
connection to squid port 3128
--------- System informatio ------------
- P-IV 2.80E
- ASUS P4P800 SE
- RAM 2GB
- 2 Harddisk IDE Seagate 120GB and 40GB
After squid work for a day the most memory was allocated to
buffer/cache
and swap grow up to 700MB
node04 root # vmstat 1
procs -----------memory---------- ---swap-- -----io---- --system--
----cpu----
r b swpd free buff cache si so bi bo in cs us
sy id wa
2 2 752700 50200 123536 574736 1 1 64 55 58 48 28
47 25 0
3 1 752700 49348 123576 575552 0 0 536 0 9803 5638 49
51 0 0
3 1 752700 49932 123564 575052 0 0 292 0 10829 5950
44 54 2 0
2 5 752700 50476 123616 574352 0 0 496 2048 9846 5591 49
51 0 0
3 3 752700 49924 123684 574956 0 0 544 0 9316 5554 46
54 0 0
2 0 752700 50548 123688 574512 0 0 344 0 9699 5820 50
50 0 0
2 0 752700 49912 123744 575028 0 0 412 0 9826 5663 50
50 0 0
3 4 752700 50168 123712 574876 0 0 700 0 9166 5550 45
55 0 0
We have many packet drop reported on /var/log/message
Aug 5 19:55:44 node04 Out of socket memory
Aug 5 19:55:49 node04 NET: 3 messages suppressed.
Aug 5 19:55:49 node04 Out of socket memory
Aug 5 19:55:53 node04 NET: 4 messages suppressed.
Aug 5 19:55:53 node04 Out of socket memory
Aug 5 19:55:58 node04 NET: 6 messages suppressed.
and
Aug 5 20:32:29 node04 ip_conntrack: table full, dropping packet.
Aug 5 20:32:33 node04 NET: 5 messages suppressed.
Aug 5 20:32:33 node04 ip_conntrack: table full, dropping packet.
Aug 5 20:32:38 node04 NET: 11 messages suppressed.
Aug 5 20:32:38 node04 ip_conntrack: table full, dropping packet.
Aug 5 20:32:43 node04 NET: 3 messages suppressed.
Is it caused from memory leak or not ? and how I tune Squid/Linux
system to solve this problem ?
Thank you.
---------- squid config -----------
./configure --prefix=/usr --exec_prefix=/usr --bindir=/usr/sbin --libexecdir=/usr/lib/squid --localstatedir=/var --sysconfdir=/etc/squid --enable-async-io --enable-storeio=ufs,diskd,coss,aufs,null --enable-linux-netfilter --enable-wccpv2 --enable-snmp --enable-poll --enable-underscores -enable-removal-policies=heap,lru
---------- squidclient -------------
node04 root # squidclient mgr:5min
HTTP/1.0 200 OK
Server: squid/2.5.STABLE3
Mime-Version: 1.0
Date: Thu, 05 Aug 2004 13:46:17 GMT
Content-Type: text/plain
Expires: Thu, 05 Aug 2004 13:46:17 GMT
Last-Modified: Thu, 05 Aug 2004 13:46:17 GMT
X-Cache: MISS from tot00
Proxy-Connection: close
sample_start_time = 1091713241.975307 (Thu, 05 Aug 2004 13:40:41 GMT)
sample_end_time = 1091713542.31136 (Thu, 05 Aug 2004 13:45:42 GMT)
client_http.requests = 421.421575/sec
client_http.hits = 248.723713/sec
client_http.errors = 0.000000/sec
client_http.kbytes_in = 183.625828/sec
client_http.kbytes_out = 2036.597663/sec
client_http.all_median_svc_time = 0.127833 seconds
client_http.miss_median_svc_time = 0.339434 seconds
client_http.nm_median_svc_time = 0.078255 seconds
client_http.nh_median_svc_time = 0.399283 seconds
client_http.hit_median_svc_time = 0.097357 seconds
server.all.requests = 177.876898/sec
server.all.errors = 0.000000/sec
server.all.kbytes_in = 1141.470909/sec
server.all.kbytes_out = 109.319656/sec
server.http.requests = 177.876898/sec
server.http.errors = 0.000000/sec
server.http.kbytes_in = 1141.470909/sec
server.http.kbytes_out = 109.322989/sec
server.ftp.requests = 0.000000/sec
server.ftp.errors = 0.000000/sec
server.ftp.kbytes_in = 0.000000/sec
server.ftp.kbytes_out = 0.000000/sec
server.other.requests = 0.000000/sec
server.other.errors = 0.000000/sec
server.other.kbytes_in = 0.000000/sec
server.other.kbytes_out = 0.000000/sec
icp.pkts_sent = 0.000000/sec
icp.pkts_recv = 0.000000/sec
icp.queries_sent = 0.000000/sec
icp.replies_sent = 0.000000/sec
icp.queries_recv = 0.000000/sec
icp.replies_recv = 0.000000/sec
icp.replies_queued = 0.000000/sec
icp.query_timeouts = 0.000000/sec
icp.kbytes_sent = 0.000000/sec
icp.kbytes_recv = 0.000000/sec
icp.q_kbytes_sent = 0.000000/sec
icp.r_kbytes_sent = 0.000000/sec
icp.q_kbytes_recv = 0.000000/sec
icp.r_kbytes_recv = 0.000000/sec
icp.query_median_svc_time = 0.000000 seconds
icp.reply_median_svc_time = 0.000000 seconds
dns.median_svc_time = 9.702421 seconds
unlink.requests = 0.000000/sec
page_faults = 0.006665/sec
select_loops = 37.846290/sec
select_fds = 2870.752429/sec
average_select_fd_period = 0.000347/fd
median_select_fds = 73.710938
swap.outs = 18.156621/sec
swap.ins = 364.572154/sec
swap.files_cleaned = 0.000000/sec
aborted_requests = 14.813910/sec
syscalls.polls = 107.829933/sec
syscalls.disk.opens = 0.000000/sec
syscalls.disk.closes = 0.000000/sec
syscalls.disk.reads = 0.000000/sec
syscalls.disk.writes = 125.703274/sec
syscalls.disk.seeks = 0.000000/sec
syscalls.disk.unlinks = 0.000000/sec
syscalls.sock.accepts = 213.236984/sec
syscalls.sock.sockets = 118.168009/sec
syscalls.sock.connects = 116.028408/sec
syscalls.sock.binds = 116.831591/sec
syscalls.sock.closes = 293.861980/sec
syscalls.sock.reads = 1556.636982/sec
syscalls.sock.writes = 1501.723868/sec
syscalls.sock.recvfroms = 27.911472/sec
syscalls.sock.sendtos = 32.593934/sec
cpu_time = 279.460000 seconds
wall_time = 300.055829 seconds
cpu_usage = 93.136001%
----------- sysctl -----------
node04 root # sysctl -a
sunrpc.nlm_debug = 0
sunrpc.nfsd_debug = 0
sunrpc.nfs_debug = 0
sunrpc.rpc_debug = 0
abi.fake_utsname = 0
abi.trace = 0
abi.defhandler_libcso = 68157441
abi.defhandler_lcall7 = 68157441
abi.defhandler_elf = 0
abi.defhandler_coff = 117440515
dev.cdrom.check_media = 0
dev.cdrom.lock = 1
dev.cdrom.debug = 0
dev.cdrom.autoeject = 0
dev.cdrom.autoclose = 1
dev.cdrom.info = CD-ROM information, Id: cdrom.c 3.12 2000/10/18
dev.cdrom.info =
dev.cdrom.info = drive name: hdd
dev.cdrom.info = drive speed: 52
dev.cdrom.info = drive # of slots: 1
dev.cdrom.info = Can close tray: 1
dev.cdrom.info = Can open tray: 1
dev.cdrom.info = Can lock tray: 1
dev.cdrom.info = Can change speed: 1
dev.cdrom.info = Can select disk: 0
dev.cdrom.info = Can read multisession: 1
dev.cdrom.info = Can read MCN: 1
dev.cdrom.info = Reports media changed: 1
dev.cdrom.info = Can play audio: 1
dev.cdrom.info = Can write CD-R: 0
dev.cdrom.info = Can write CD-RW: 0
dev.cdrom.info = Can read DVD: 0
dev.cdrom.info = Can write DVD-R: 0
dev.cdrom.info = Can write DVD-RAM: 0
dev.cdrom.info =
dev.cdrom.info =
net.unix.max_dgram_qlen = 10
net.ipv4.ip_conntrack_max = 160000
net.ipv4.netfilter.ip_conntrack_generic_timeout = 600
net.ipv4.netfilter.ip_conntrack_icmp_timeout = 30
net.ipv4.netfilter.ip_conntrack_udp_timeout_stream = 180
net.ipv4.netfilter.ip_conntrack_udp_timeout = 30
net.ipv4.netfilter.ip_conntrack_tcp_timeout_close = 10
net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120
net.ipv4.netfilter.ip_conntrack_tcp_timeout_last_ack = 30
net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60
net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120
net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 432000
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 60
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent = 120
net.ipv4.netfilter.ip_conntrack_buckets = 8192
net.ipv4.netfilter.ip_conntrack_max = 160000
net.ipv4.conf.eth0.force_igmp_version = 0
net.ipv4.conf.eth0.arp_ignore = 0
net.ipv4.conf.eth0.arp_announce = 0
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.eth0.tag = 0
net.ipv4.conf.eth0.log_martians = 0
net.ipv4.conf.eth0.bootp_relay = 0
net.ipv4.conf.eth0.medium_id = 0
net.ipv4.conf.eth0.proxy_arp = 0
net.ipv4.conf.eth0.accept_source_route = 1
net.ipv4.conf.eth0.send_redirects = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.eth0.shared_media = 1
net.ipv4.conf.eth0.secure_redirects = 1
net.ipv4.conf.eth0.accept_redirects = 1
net.ipv4.conf.eth0.mc_forwarding = 0
net.ipv4.conf.eth0.forwarding = 0
net.ipv4.conf.lo.force_igmp_version = 0
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.lo.tag = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.lo.bootp_relay = 0
net.ipv4.conf.lo.medium_id = 0
net.ipv4.conf.lo.proxy_arp = 0
net.ipv4.conf.lo.accept_source_route = 1
net.ipv4.conf.lo.send_redirects = 1
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.lo.shared_media = 1
net.ipv4.conf.lo.secure_redirects = 1
net.ipv4.conf.lo.accept_redirects = 1
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.lo.forwarding = 0
net.ipv4.conf.default.force_igmp_version = 0
net.ipv4.conf.default.arp_ignore = 0
net.ipv4.conf.default.arp_announce = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.default.tag = 0
net.ipv4.conf.default.log_martians = 0
net.ipv4.conf.default.bootp_relay = 0
net.ipv4.conf.default.medium_id = 0
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.default.accept_source_route = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.shared_media = 1
net.ipv4.conf.default.secure_redirects = 1
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.default.forwarding = 0
net.ipv4.conf.all.force_igmp_version = 0
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_announce = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.tag = 0
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.all.bootp_relay = 0
net.ipv4.conf.all.medium_id = 0
net.ipv4.conf.all.proxy_arp = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.send_redirects = 1
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.all.shared_media = 1
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.all.forwarding = 0
net.ipv4.neigh.eth0.locktime = 100
net.ipv4.neigh.eth0.proxy_delay = 80
net.ipv4.neigh.eth0.anycast_delay = 100
net.ipv4.neigh.eth0.proxy_qlen = 64
net.ipv4.neigh.eth0.unres_qlen = 3
net.ipv4.neigh.eth0.gc_stale_time = 60
net.ipv4.neigh.eth0.delay_first_probe_time = 5
net.ipv4.neigh.eth0.base_reachable_time = 30
net.ipv4.neigh.eth0.retrans_time = 100
net.ipv4.neigh.eth0.app_solicit = 0
net.ipv4.neigh.eth0.ucast_solicit = 3
net.ipv4.neigh.eth0.mcast_solicit = 3
net.ipv4.neigh.lo.locktime = 100
net.ipv4.neigh.lo.proxy_delay = 80
net.ipv4.neigh.lo.anycast_delay = 100
net.ipv4.neigh.lo.proxy_qlen = 64
net.ipv4.neigh.lo.unres_qlen = 3
net.ipv4.neigh.lo.gc_stale_time = 60
net.ipv4.neigh.lo.delay_first_probe_time = 5
net.ipv4.neigh.lo.base_reachable_time = 30
net.ipv4.neigh.lo.retrans_time = 100
net.ipv4.neigh.lo.app_solicit = 0
net.ipv4.neigh.lo.ucast_solicit = 3
net.ipv4.neigh.lo.mcast_solicit = 3
net.ipv4.neigh.default.gc_thresh3 = 1024
net.ipv4.neigh.default.gc_thresh2 = 512
net.ipv4.neigh.default.gc_thresh1 = 128
net.ipv4.neigh.default.gc_interval = 30
net.ipv4.neigh.default.locktime = 100
net.ipv4.neigh.default.proxy_delay = 80
net.ipv4.neigh.default.anycast_delay = 100
net.ipv4.neigh.default.proxy_qlen = 64
net.ipv4.neigh.default.unres_qlen = 3
net.ipv4.neigh.default.gc_stale_time = 60
net.ipv4.neigh.default.delay_first_probe_time = 5
net.ipv4.neigh.default.base_reachable_time = 30
net.ipv4.neigh.default.retrans_time = 100
net.ipv4.neigh.default.app_solicit = 0
net.ipv4.neigh.default.ucast_solicit = 3
net.ipv4.neigh.default.mcast_solicit = 3
net.ipv4.tcp_westwood = 0
net.ipv4.ipfrag_secret_interval = 600
net.ipv4.tcp_low_latency = 0
net.ipv4.tcp_frto = 0
net.ipv4.tcp_tw_reuse = 0
net.ipv4.icmp_ratemask = 6168
net.ipv4.icmp_ratelimit = 100
net.ipv4.tcp_adv_win_scale = 2
net.ipv4.tcp_app_win = 31
net.ipv4.tcp_rmem = 4096 87380 174760
net.ipv4.tcp_wmem = 4096 16384 131072
net.ipv4.tcp_mem = 97280 97792 98304
net.ipv4.tcp_dsack = 1
net.ipv4.tcp_ecn = 0
net.ipv4.tcp_reordering = 3
net.ipv4.tcp_fack = 1
net.ipv4.tcp_orphan_retries = 0
net.ipv4.inet_peer_gc_maxtime = 120
net.ipv4.inet_peer_gc_mintime = 10
net.ipv4.inet_peer_maxttl = 600
net.ipv4.inet_peer_minttl = 120
net.ipv4.inet_peer_threshold = 65664
net.ipv4.igmp_max_msf = 10
net.ipv4.igmp_max_memberships = 20
net.ipv4.route.secret_interval = 600
net.ipv4.route.min_adv_mss = 256
net.ipv4.route.min_pmtu = 552
net.ipv4.route.mtu_expires = 600
net.ipv4.route.gc_elasticity = 8
net.ipv4.route.error_burst = 500
net.ipv4.route.error_cost = 100
net.ipv4.route.redirect_silence = 2048
net.ipv4.route.redirect_number = 9
net.ipv4.route.redirect_load = 2
net.ipv4.route.gc_interval = 60
net.ipv4.route.gc_timeout = 300
net.ipv4.route.gc_min_interval = 0
net.ipv4.route.max_size = 262144
net.ipv4.route.gc_thresh = 16384
net.ipv4.route.max_delay = 10
net.ipv4.route.min_delay = 2
net.ipv4.icmp_ignore_bogus_error_responses = 0
net.ipv4.icmp_echo_ignore_broadcasts = 0
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.ip_local_port_range = 32768 61000
net.ipv4.tcp_max_syn_backlog = 32768
net.ipv4.tcp_rfc1337 = 0
net.ipv4.tcp_stdurg = 0
net.ipv4.tcp_abort_on_overflow = 0
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_retries2 = 15
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_keepalive_intvl = 75
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.ipfrag_time = 30
net.ipv4.ip_dynaddr = 0
net.ipv4.ipfrag_low_thresh = 196608
net.ipv4.ipfrag_high_thresh = 262144
net.ipv4.tcp_max_tw_buckets = 180000
net.ipv4.tcp_max_orphans = 16384
net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_syn_retries = 5
net.ipv4.ip_nonlocal_bind = 0
net.ipv4.ip_no_pmtu_disc = 0
net.ipv4.ip_autoconfig = 1
net.ipv4.ip_default_ttl = 64
net.ipv4.ip_forward = 0
net.ipv4.tcp_retrans_collapse = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_timestamps = 1
net.core.somaxconn = 128
net.core.hot_list_length = 128
net.core.optmem_max = 10240
net.core.message_burst = 50
net.core.message_cost = 5
net.core.mod_cong = 290
net.core.lo_cong = 100
net.core.no_cong = 20
net.core.no_cong_thresh = 10
net.core.netdev_max_backlog = 300
net.core.dev_weight = 64
net.core.rmem_default = 106496
net.core.wmem_default = 106496
net.core.rmem_max = 131071
net.core.wmem_max = 131071
vm.block_dump = 0
vm.laptop_mode = 0
vm.max_map_count = 65536
vm.max-readahead = 31
vm.min-readahead = 3
vm.page-cluster = 3
vm.pagetable_cache = 25 50
vm.kswapd = 512 32 8
vm.overcommit_memory = 0
vm.bdflush = 50 500 0 0 500 3000 60 20
0
vm.vm_passes = 60
vm.vm_lru_balance_ratio = 2
vm.vm_mapped_ratio = 100
vm.vm_cache_scan_ratio = 6
vm.vm_vfs_scan_ratio = 6
vm.vm_gfp_debug = 0
kernel.overflowgid = 65534
kernel.overflowuid = 65534
kernel.random.uuid = ac51ba35-c96d-44a3-a979-119d214e53a0
kernel.random.boot_id = ff597e6e-37fa-45e9-a6c3-27b40b981fe6
kernel.random.write_wakeup_threshold = 128
kernel.random.read_wakeup_threshold = 8
kernel.random.entropy_avail = 4096
kernel.random.poolsize = 512
kernel.threads-max = 14336
kernel.cad_pid = 1
kernel.sem = 250 32000 32 128
kernel.msgmnb = 16384
kernel.msgmni = 16
kernel.msgmax = 8192
kernel.shmmni = 4096
kernel.shmall = 2097152
kernel.shmmax = 33554432
kernel.rtsig-max = 1024
kernel.rtsig-nr = 0
kernel.hotplug = /sbin/hotplug
kernel.modprobe = /sbin/modprobe
kernel.printk = 1 4 1 7
kernel.ctrl-alt-del = 0
kernel.cap-bound = -257
kernel.tainted = 1
kernel.core_pattern = core
kernel.core_setuid_ok = 0
kernel.core_uses_pid = 0
kernel.panic = 0
kernel.domainname = inet.co.th
kernel.hostname = node04
kernel.version = #4 Thu Jul 29 17:29:09 ICT 2004
kernel.osrelease = 2.4.26-gentoo-r6
kernel.ostype = Linux
fs.lease-break-time = 45
fs.dir-notify-enable = 1
fs.leases-enable = 1
fs.overflowgid = 65534
fs.overflowuid = 65534
fs.dentry-state = 311571 280155 45 0 0 0
fs.file-max = 209683
fs.file-nr = 27256 9300 209683
fs.inode-state = 308731 591730 0 0 0 0 0
fs.inode-nr = 308731 591730
-- ______________________________________________ Check out the latest SMS services @ http://www.linuxmail.org This allows you to send and receive SMS through your mailbox. Powered by OutblazeReceived on Thu Aug 05 2004 - 20:35:47 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:01 MDT