Thank you everybory for the assistance !
I got fix it !
I did change the limits of the OS before and then I reinstalled the Squid
ulimit -HSn 8192
and after that the symptom of the problem has disapeared.
Acctually I did also increse the number of ntlm authenticators proccess.
regards,
Rodrigo.
On Mon, 10 Jan 2005 21:52:57 -0500, Adam Aube <aaube01@baker.edu> wrote:
> Please don't post the same message to the list multiple times.
>
> rodd wrote:
>
> > I am having some problems using my Squid authenticating
> > against my Active Directory Server.
> > I have this environment working for about 6 months, and it was
> > fine, but since last month its behavior became very strange. The point
> > is when the clients request a page, some time it works fine, but some
> > times they get an error like: "The page cannot be displayed".
>
> Have you upgraded any software or installed any patches on the Squid server
> or the domain controller? Has your useage level increased significantly?
>
> > I have checked many things, starting with the DNS sctructure,
> > and I didn`t find any problem. I've checked the response time between
> > my workstation machine and the Squid Server, and between the Squid
> > Server and the AD server, and is everything fine, acctualy they are
> > all in the same LAN.
>
> How are you checking this?
>
> > I tryed many different configurations of samba and squid to
> > solve that, but it is still happen. I changed my smb.conf and the
> > squid.conf and now it is like that:
>
> [squid.conf and smb.conf snipped]
>
> I see you are using NTLM authentication. Due to the nature of NTLM, problems
> often occur for one of two reasons:
>
> 1) Insufficient NTLM helpers (most common)
> 2) Too much load on the DC
>
> Increase the number of helpers and see what happens. If the problem recurs,
> but takes longer than before to start happening, keep increasing the number
> of helpers until the problem goes away.
>
> Also, Cache Manager has an page of interesting info on the NTLM helpers.
> This may also help point you in the direction of the problem.
>
> > The softwares versions are:
> >
> > Squid: Version 2.5.STABLE7
> > Winbindd: Version 3.0.7
> > krb5 - 1.2.7-24
> > and Red Hat Enterprise Server
>
> > Other important information is when I stop the
> > authentication, the problem stop. Other important information is that
> > the problem just happen during the bussiness day, we have around 3000
> > users accessing the internet. Btw, the cpu and memory of the server
> > are ok. I tryed also disabling the cache, but without success.
>
> How many concurrent requests to the proxy? For NTLM, the recommendation is
> one helper for each concurrent request.
>
> > Other very interesting thing is that I have a backup proxy
> > server, and in that server the problem doesn`t happened, so, I
> > switched the clients to the backup server
>
> > the clients are accessing the backup server since two weeks ago without
> > any problem, but today the problem also started in the backup server.
>
> Which makes it seem like a load issue, though if all the clients were
> switched to the backup at once, it's odd that it would take two weeks for
> the problem to occur there as well. Was the load lighter than normal for
> the first part of the two weeks?
>
> Adam
>
>
Received on Tue Jan 18 2005 - 06:18:55 MST
This archive was generated by hypermail pre-2.1.9 : Mon Mar 07 2005 - 12:59:35 MST