[squid-users] Intermittent Hangups with Squid and NTLM Auth from Brian Kirk on 2007-07-31 (squid-users)

From: Brian Kirk <bekirk@dont-contact.us>
Date: Tue, 31 Jul 2007 15:50:42 -0400

Red Hat ES release 4 update 4
Squid 2.6 Stable 9
Samba 3.0.23

We from time to time have problems with the ntlm_auth where every
process in the NTLM User Authenticator Stats on the cachemgr.cgi seems
to be hung. We have tried from 30 processes up to 100 processes, but
it doesn't help. Seems to happen during high traffic times.

We see core files in the /var/cache directory.

We see these lines repeated over again when it first started today in
the /var/log/samba/winbindd.log:
[2007/07/31 09:58:58, 0] nsswitch/winbindd.c:process_loop(832)
winbindd: Exceeding 200 client connections, no idle connection found
[2007/07/31 09:58:58, 0] nsswitch/winbindd.c:process_loop(813)
winbindd: Exceeding 200 client connections, no idle connection found

We start seeing these messages in the /var/log/squid/cache.log:
2007/07/31 09:57:31| WARNING: up to 405 pending requests queued
2007/07/31 09:57:31| Consider increasing the number of
ntlmauthenticator processes to at least 505 in your config file.
2007/07/31 09:57:49| urlParse: Illegal character in hostname
'www.harpoonharry's.com'
2007/07/31 09:58:01| WARNING: All ntlmauthenticator processes are busy.
2007/07/31 09:58:01| WARNING: up to 478 pending requests queued
2007/07/31 09:58:01| Consider increasing the number of
ntlmauthenticator processes to at least 578 in your config file.
2007/07/31 09:58:12| storeDirWriteCleanLogs: Starting...
2007/07/31 09:58:12| WARNING: Closing open FD 145
2007/07/31 09:58:12| commSetEvents: epoll_ctl(EPOLL_CTL_DEL): failed
on fd=145: (1) Operation not permitted
2007/07/31 09:58:12| 65536 entries written so far.
2007/07/31 09:58:12| Finished. Wrote 71404 entries.
2007/07/31 09:58:12| Took 0.0 seconds (2146262.3 entries/sec).
FATAL: Too many queued ntlmauthenticator requests (501 on 100)
Squid Cache (Version 2.6.STABLE9): Terminated abnormally.

I have found message in samba groups but no one every responded to it:
http://lists.samba.org/archive/samba/2005-September/110414.html

Any help would be greatly appreciated.

Thank you,
Brian Kirk
Received on Tue Jul 31 2007 - 13:50:48 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Aug 01 2007 - 12:00:04 MDT