RS: [squid-users] winbindd: Exceeding 200 client connections, no idle connection found

Hello,

I'm using squid 2.5stable14 because I'm using websense as web filter. As far as I know, it only works with squid 2.5.
I'm planning to replace Websense with DansGuardian in March, so I will be able to upgrade Squid.
Does the new version of Squid solve my problem? Or I will also have to apply the patch Adrian Chadd suggested on the previous post? Is there any automatic process to apply the patch (like an script) or do I have to edit the configuration files by hand?

To Elvar: yes,users are getting popup windows on their browsers.

Thanks.

-----Missatge original-----
De: Amos Jeffries [mailto:squid3@treenet.co.nz]
Enviat el: ds. 19/01/2008 02:24
Per a: Adrian Chadd
A/c: Francisco Martinez Espadas; squid-users@squid-cache.org
Tema: Re: [squid-users] winbindd: Exceeding 200 client connections, no idle connection found
 
Please also use a more recent squid release.

Currently supported releases are:
  2.6stable17+ if you are running high-performance servers
  3.0-stable1+ if you can.

Amos

Adrian Chadd wrote:
> On Fri, Jan 18, 2008, Francisco Martinez Espadas wrote:
>> ???Hello,
>>
>> Since a few days ago I can't grant acces to users on my company network
>> using Squid.
>> I am having problems with 2 winbind processes that are using a huge
>
> Thank Samba for their fantastic implementation of windows authentication. :)
>
>> amount of CPU when users enter the system.
>> The following is the winbind log:
>>> nsswitch/winbindd.c:process_loop(813)
>>> winbindd: Exceeding 200 client connections, no idle connection found
>
> http://devel.squid-cache.org/projects.html#ntlm_ip_cache
>
>
>
> Adrian
>
>>>
>>> ???and the cache.log:
>> 2008/01/18 11:05:24| WARNING: All ntlmauthenticator processes are busy.
>> 2008/01/18 11:05:24| WARNING: up to 30 pending requests queued
>> 2008/01/18 11:05:54| WARNING: All ntlmauthenticator processes are busy.
>> 2008/01/18 11:05:54| WARNING: up to 59 pending requests queued
>> 2008/01/18 11:05:54| Consider increasing the number of ntlmauthenticator processes to at least 89 in your config file.
>> 2008/01/18 11:06:24| WARNING: All ntlmauthenticator processes are busy.
>> 2008/01/18 11:06:24| WARNING: up to 98 pending requests queued
>> 2008/01/18 11:06:24| Consider increasing the number of ntlmauthenticator processes to at least 128 in your config file.
>> 2008/01/18 11:06:54| WARNING: All ntlmauthenticator processes are busy.
>> 2008/01/18 11:06:54| WARNING: up to 149 pending requests queued
>> 2008/01/18 11:06:54| Consider increasing the number of ntlmauthenticator processes to at least 179 in your config file.
>> 2008/01/18 11:06:55| storeDirWriteCleanLogs: Starting...
>> 2008/01/18 11:06:55| WARNING: Closing open FD 8
>> 2008/01/18 11:06:55| 65536 entries written so far.
>> 2008/01/18 11:06:55| WARNING: Closing open FD 84
>> 2008/01/18 11:06:55| Finished. Wrote 110308 entries.
>> 2008/01/18 11:06:55| Took 0.1 seconds (838174.8 entries/sec).
>> FATAL: Too many queued ntlmauthenticator requests (151 on 30)
>> Squid Cache (Version 2.5.STABLE14): Terminated abnormally.
>> I have been looking for some info and I've found this reopened
>> bug:https://bugzilla.samba.org/show_bug.cgi?id=3204).
>>
>> Has anyone had the same problem and has succeeded on solving it?
>> It's weird because Squid was working great until I updated Samba from
>> Ubuntu repositories.
>>
>> This is my Scenario:
>>> S.O. Ubuntu 7.04
>>> Versiones Samba y Winbind 3.0.24
>>> Usuarios, sobre unos 500
>>> Squid:
>>>
>>> $ squid -v
>>> Squid Cache: Version 2.5.STABLE14
>>> configure options: --prefix=/usr --exec_prefix=/usr
>>> --bindir=/usr/sbin --sbindir=/usr/sbin --libexecdir=/usr/lib/squid
>>> --sysconfdir=/etc/squid --localstatedir=/var/spool/squid
>>> --datadir=/usr/share/squid --enable-linux-netfilter --enable-async-io
>>> --enable-storeio=aufs --enable-arp-acl
>>> --enable-removal-policies=lru,heap --enable-snmp --enable-delay-pools
>>> --enable-htcp --enable-poll --enable-cache-digests
>>> --enable-underscores --enable-referer-log --enable-useragent-log
>>> --enable-carp --enable-large-files --enable-auth=basic,ntlm
>>>
>> thanks
>

-- 
Please use Squid 2.6STABLE17+ or 3.0STABLE1+
There are serious security advisories out on all earlier releases.