On 15/07/2012 7:15 p.m., Bal Krishna Adhikari wrote:
> Hello All,
>
> I've been getting a strange with one of the squid servers among 4.
> Seems the Squid connection is frequently dropped for some time and is frequent.
>
> Cache log shows:- ( x.x.x.x is my proxy server's IP)
>
> 10:34:23| TCP connection to x.x.x.x (x.x.x.x:3128) failed
> 10:34:23| TCP connection to x.x.x.x (x.x.x.x:3128) failed
> .........
> .........
> .........
>
> 10:34:39| TCP connection to x.x.x.x (x.x.x.x:3128) failed
> 10:34:39| TCP connection to x.x.x.x (x.x.x.x:3128) failed
>
> All are working fine with same amount of requests and traffic. Machine used is Intel Xeon 3.0 GHz quad core with 8GB RAM.
>
> The average load and disc IO in the machine is OK. The peak traffic in the machine is around 60 Mbps.
>
> What could be the problem.
Like your Squid said: TCP connection to x.x.x.x failed.
* maybe the network routing was disabled for a period
* maybe the SYN packets got lost
* maybe the packets got corrupted somewhere
* maybe the Squid is so overlaoded it didn't perform the parts of the
handshake fast enough
...
* maybe you have firewall rules preventing Squid connecting to x.x.x.x
port 3128
If as you say "x.x.x.x" is your proxy IP address, its a bit strange for
HTTP requests to be requesting the proxy make a loop back at itself.
Could also be one of a few misconfigurations, a malicious attack, or one
of the network security scanners which test for proxy DoS
vulnerabilities (ability to suck up all the network sockets in a loop =>
DoS).
Amos
Received on Sun Jul 15 2012 - 11:00:05 MDT
This archive was generated by hypermail 2.2.0 : Sun Jul 15 2012 - 12:00:02 MDT