Dear group I've a problem about packet dropped on Linux Gentoo. I use squid squid-2.5.STABLE3 and Linux kernel 2.4.26=gentoo-r6
node04 root # uname -a Linux node04 2.4.26-gentoo-r6 #4 Thu Jul 29 17:29:09 ICT 2004 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz GenuineIntel GNU/Linux the system is dedicated to run squid only. all our client is dial-up modem 56K and it serve up to 500 request/s we use WCCPv2 + Cisco router for redirect packet to squid on port 80 and we use iptables redirect all port 80 connection to squid port 3128 --------- System informatio ------------ - P-IV 2.80E - ASUS P4P800 SE - RAM 2GB - 2 Harddisk IDE Seagate 120GB and 40GB After squid work for a day the most memory was allocated to buffer/cache and swap grow up to 700MB node04 root # vmstat 1 procs -----------memory---------- ---swap-- -----io---- --system-- ----cpu---- r b swpd free buff cache si so bi bo in cs us sy id wa 2 2 752700 50200 123536 574736 1 1 64 55 58 48 28 47 25 0 3 1 752700 49348 123576 575552 0 0 536 0 9803 5638 49 51 0 0 3 1 752700 49932 123564 575052 0 0 292 0 10829 5950 44 54 2 0 2 5 752700 50476 123616 574352 0 0 496 2048 9846 5591 49 51 0 0 3 3 752700 49924 123684 574956 0 0 544 0 9316 5554 46 54 0 0 2 0 752700 50548 123688 574512 0 0 344 0 9699 5820 50 50 0 0 2 0 752700 49912 123744 575028 0 0 412 0 9826 5663 50 50 0 0 3 4 752700 50168 123712 574876 0 0 700 0 9166 5550 45 55 0 0 We have many packet drop reported on /var/log/message Aug 5 19:55:44 node04 Out of socket memory Aug 5 19:55:49 node04 NET: 3 messages suppressed. Aug 5 19:55:49 node04 Out of socket memory Aug 5 19:55:53 node04 NET: 4 messages suppressed. Aug 5 19:55:53 node04 Out of socket memory Aug 5 19:55:58 node04 NET: 6 messages suppressed. and Aug 5 20:32:29 node04 ip_conntrack: table full, dropping packet. Aug 5 20:32:33 node04 NET: 5 messages suppressed. Aug 5 20:32:33 node04 ip_conntrack: table full, dropping packet. Aug 5 20:32:38 node04 NET: 11 messages suppressed. Aug 5 20:32:38 node04 ip_conntrack: table full, dropping packet. Aug 5 20:32:43 node04 NET: 3 messages suppressed. Is it caused from memory leak or not ? and how I tune Squid/Linux system to solve this problem ? Thank you. ---------- squid config ----------- ./configure --prefix=/usr --exec_prefix=/usr --bindir=/usr/sbin --libexecdir=/usr/lib/squid --localstatedir=/var --sysconfdir=/etc/squid --enable-async-io --enable-storeio=ufs,diskd,coss,aufs,null --enable-linux-netfilter --enable-wccpv2 --enable-snmp --enable-poll --enable-underscores -enable-removal-policies=heap,lru ---------- squidclient ------------- node04 root # squidclient mgr:5min HTTP/1.0 200 OK Server: squid/2.5.STABLE3 Mime-Version: 1.0 Date: Thu, 05 Aug 2004 13:46:17 GMT Content-Type: text/plain Expires: Thu, 05 Aug 2004 13:46:17 GMT Last-Modified: Thu, 05 Aug 2004 13:46:17 GMT X-Cache: MISS from tot00 Proxy-Connection: close sample_start_time = 1091713241.975307 (Thu, 05 Aug 2004 13:40:41 GMT) sample_end_time = 1091713542.31136 (Thu, 05 Aug 2004 13:45:42 GMT) client_http.requests = 421.421575/sec client_http.hits = 248.723713/sec client_http.errors = 0.000000/sec client_http.kbytes_in = 183.625828/sec client_http.kbytes_out = 2036.597663/sec client_http.all_median_svc_time = 0.127833 seconds client_http.miss_median_svc_time = 0.339434 seconds client_http.nm_median_svc_time = 0.078255 seconds client_http.nh_median_svc_time = 0.399283 seconds client_http.hit_median_svc_time = 0.097357 seconds server.all.requests = 177.876898/sec server.all.errors = 0.000000/sec server.all.kbytes_in = 1141.470909/sec server.all.kbytes_out = 109.319656/sec server.http.requests = 177.876898/sec server.http.errors = 0.000000/sec server.http.kbytes_in = 1141.470909/sec server.http.kbytes_out = 109.322989/sec server.ftp.requests = 0.000000/sec server.ftp.errors = 0.000000/sec server.ftp.kbytes_in = 0.000000/sec server.ftp.kbytes_out = 0.000000/sec server.other.requests = 0.000000/sec server.other.errors = 0.000000/sec server.other.kbytes_in = 0.000000/sec server.other.kbytes_out = 0.000000/sec icp.pkts_sent = 0.000000/sec icp.pkts_recv = 0.000000/sec icp.queries_sent = 0.000000/sec icp.replies_sent = 0.000000/sec icp.queries_recv = 0.000000/sec icp.replies_recv = 0.000000/sec icp.replies_queued = 0.000000/sec icp.query_timeouts = 0.000000/sec icp.kbytes_sent = 0.000000/sec icp.kbytes_recv = 0.000000/sec icp.q_kbytes_sent = 0.000000/sec icp.r_kbytes_sent = 0.000000/sec icp.q_kbytes_recv = 0.000000/sec icp.r_kbytes_recv = 0.000000/sec icp.query_median_svc_time = 0.000000 seconds icp.reply_median_svc_time = 0.000000 seconds dns.median_svc_time = 9.702421 seconds unlink.requests = 0.000000/sec page_faults = 0.006665/sec select_loops = 37.846290/sec select_fds = 2870.752429/sec average_select_fd_period = 0.000347/fd median_select_fds = 73.710938 swap.outs = 18.156621/sec swap.ins = 364.572154/sec swap.files_cleaned = 0.000000/sec aborted_requests = 14.813910/sec syscalls.polls = 107.829933/sec syscalls.disk.opens = 0.000000/sec syscalls.disk.closes = 0.000000/sec syscalls.disk.reads = 0.000000/sec syscalls.disk.writes = 125.703274/sec syscalls.disk.seeks = 0.000000/sec syscalls.disk.unlinks = 0.000000/sec syscalls.sock.accepts = 213.236984/sec syscalls.sock.sockets = 118.168009/sec syscalls.sock.connects = 116.028408/sec syscalls.sock.binds = 116.831591/sec syscalls.sock.closes = 293.861980/sec syscalls.sock.reads = 1556.636982/sec syscalls.sock.writes = 1501.723868/sec syscalls.sock.recvfroms = 27.911472/sec syscalls.sock.sendtos = 32.593934/sec cpu_time = 279.460000 seconds wall_time = 300.055829 seconds cpu_usage = 93.136001% ----------- sysctl ----------- node04 root # sysctl -a sunrpc.nlm_debug = 0 sunrpc.nfsd_debug = 0 sunrpc.nfs_debug = 0 sunrpc.rpc_debug = 0 abi.fake_utsname = 0 abi.trace = 0 abi.defhandler_libcso = 68157441 abi.defhandler_lcall7 = 68157441 abi.defhandler_elf = 0 abi.defhandler_coff = 117440515 dev.cdrom.check_media = 0 dev.cdrom.lock = 1 dev.cdrom.debug = 0 dev.cdrom.autoeject = 0 dev.cdrom.autoclose = 1 dev.cdrom.info = CD-ROM information, Id: cdrom.c 3.12 2000/10/18 dev.cdrom.info = dev.cdrom.info = drive name: hdd dev.cdrom.info = drive speed: 52 dev.cdrom.info = drive # of slots: 1 dev.cdrom.info = Can close tray: 1 dev.cdrom.info = Can open tray: 1 dev.cdrom.info = Can lock tray: 1 dev.cdrom.info = Can change speed: 1 dev.cdrom.info = Can select disk: 0 dev.cdrom.info = Can read multisession: 1 dev.cdrom.info = Can read MCN: 1 dev.cdrom.info = Reports media changed: 1 dev.cdrom.info = Can play audio: 1 dev.cdrom.info = Can write CD-R: 0 dev.cdrom.info = Can write CD-RW: 0 dev.cdrom.info = Can read DVD: 0 dev.cdrom.info = Can write DVD-R: 0 dev.cdrom.info = Can write DVD-RAM: 0 dev.cdrom.info = dev.cdrom.info = net.unix.max_dgram_qlen = 10 net.ipv4.ip_conntrack_max = 160000 net.ipv4.netfilter.ip_conntrack_generic_timeout = 600 net.ipv4.netfilter.ip_conntrack_icmp_timeout = 30 net.ipv4.netfilter.ip_conntrack_udp_timeout_stream = 180 net.ipv4.netfilter.ip_conntrack_udp_timeout = 30 net.ipv4.netfilter.ip_conntrack_tcp_timeout_close = 10 net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_last_ack = 30 net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 432000 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent = 120 net.ipv4.netfilter.ip_conntrack_buckets = 8192 net.ipv4.netfilter.ip_conntrack_max = 160000 net.ipv4.conf.eth0.force_igmp_version = 0 net.ipv4.conf.eth0.arp_ignore = 0 net.ipv4.conf.eth0.arp_announce = 0 net.ipv4.conf.eth0.arp_filter = 0 net.ipv4.conf.eth0.tag = 0 net.ipv4.conf.eth0.log_martians = 0 net.ipv4.conf.eth0.bootp_relay = 0 net.ipv4.conf.eth0.medium_id = 0 net.ipv4.conf.eth0.proxy_arp = 0 net.ipv4.conf.eth0.accept_source_route = 1 net.ipv4.conf.eth0.send_redirects = 1 net.ipv4.conf.eth0.rp_filter = 1 net.ipv4.conf.eth0.shared_media = 1 net.ipv4.conf.eth0.secure_redirects = 1 net.ipv4.conf.eth0.accept_redirects = 1 net.ipv4.conf.eth0.mc_forwarding = 0 net.ipv4.conf.eth0.forwarding = 0 net.ipv4.conf.lo.force_igmp_version = 0 net.ipv4.conf.lo.arp_ignore = 0 net.ipv4.conf.lo.arp_announce = 0 net.ipv4.conf.lo.arp_filter = 0 net.ipv4.conf.lo.tag = 0 net.ipv4.conf.lo.log_martians = 0 net.ipv4.conf.lo.bootp_relay = 0 net.ipv4.conf.lo.medium_id = 0 net.ipv4.conf.lo.proxy_arp = 0 net.ipv4.conf.lo.accept_source_route = 1 net.ipv4.conf.lo.send_redirects = 1 net.ipv4.conf.lo.rp_filter = 0 net.ipv4.conf.lo.shared_media = 1 net.ipv4.conf.lo.secure_redirects = 1 net.ipv4.conf.lo.accept_redirects = 1 net.ipv4.conf.lo.mc_forwarding = 0 net.ipv4.conf.lo.forwarding = 0 net.ipv4.conf.default.force_igmp_version = 0 net.ipv4.conf.default.arp_ignore = 0 net.ipv4.conf.default.arp_announce = 0 net.ipv4.conf.default.arp_filter = 0 net.ipv4.conf.default.tag = 0 net.ipv4.conf.default.log_martians = 0 net.ipv4.conf.default.bootp_relay = 0 net.ipv4.conf.default.medium_id = 0 net.ipv4.conf.default.proxy_arp = 0 net.ipv4.conf.default.accept_source_route = 1 net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.default.shared_media = 1 net.ipv4.conf.default.secure_redirects = 1 net.ipv4.conf.default.accept_redirects = 1 net.ipv4.conf.default.mc_forwarding = 0 net.ipv4.conf.default.forwarding = 0 net.ipv4.conf.all.force_igmp_version = 0 net.ipv4.conf.all.arp_ignore = 0 net.ipv4.conf.all.arp_announce = 0 net.ipv4.conf.all.arp_filter = 0 net.ipv4.conf.all.tag = 0 net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.all.bootp_relay = 0 net.ipv4.conf.all.medium_id = 0 net.ipv4.conf.all.proxy_arp = 0 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.all.send_redirects = 1 net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.all.shared_media = 1 net.ipv4.conf.all.secure_redirects = 1 net.ipv4.conf.all.accept_redirects = 1 net.ipv4.conf.all.mc_forwarding = 0 net.ipv4.conf.all.forwarding = 0 net.ipv4.neigh.eth0.locktime = 100 net.ipv4.neigh.eth0.proxy_delay = 80 net.ipv4.neigh.eth0.anycast_delay = 100 net.ipv4.neigh.eth0.proxy_qlen = 64 net.ipv4.neigh.eth0.unres_qlen = 3 net.ipv4.neigh.eth0.gc_stale_time = 60 net.ipv4.neigh.eth0.delay_first_probe_time = 5 net.ipv4.neigh.eth0.base_reachable_time = 30 net.ipv4.neigh.eth0.retrans_time = 100 net.ipv4.neigh.eth0.app_solicit = 0 net.ipv4.neigh.eth0.ucast_solicit = 3 net.ipv4.neigh.eth0.mcast_solicit = 3 net.ipv4.neigh.lo.locktime = 100 net.ipv4.neigh.lo.proxy_delay = 80 net.ipv4.neigh.lo.anycast_delay = 100 net.ipv4.neigh.lo.proxy_qlen = 64 net.ipv4.neigh.lo.unres_qlen = 3 net.ipv4.neigh.lo.gc_stale_time = 60 net.ipv4.neigh.lo.delay_first_probe_time = 5 net.ipv4.neigh.lo.base_reachable_time = 30 net.ipv4.neigh.lo.retrans_time = 100 net.ipv4.neigh.lo.app_solicit = 0 net.ipv4.neigh.lo.ucast_solicit = 3 net.ipv4.neigh.lo.mcast_solicit = 3 net.ipv4.neigh.default.gc_thresh3 = 1024 net.ipv4.neigh.default.gc_thresh2 = 512 net.ipv4.neigh.default.gc_thresh1 = 128 net.ipv4.neigh.default.gc_interval = 30 net.ipv4.neigh.default.locktime = 100 net.ipv4.neigh.default.proxy_delay = 80 net.ipv4.neigh.default.anycast_delay = 100 net.ipv4.neigh.default.proxy_qlen = 64 net.ipv4.neigh.default.unres_qlen = 3 net.ipv4.neigh.default.gc_stale_time = 60 net.ipv4.neigh.default.delay_first_probe_time = 5 net.ipv4.neigh.default.base_reachable_time = 30 net.ipv4.neigh.default.retrans_time = 100 net.ipv4.neigh.default.app_solicit = 0 net.ipv4.neigh.default.ucast_solicit = 3 net.ipv4.neigh.default.mcast_solicit = 3 net.ipv4.tcp_westwood = 0 net.ipv4.ipfrag_secret_interval = 600 net.ipv4.tcp_low_latency = 0 net.ipv4.tcp_frto = 0 net.ipv4.tcp_tw_reuse = 0 net.ipv4.icmp_ratemask = 6168 net.ipv4.icmp_ratelimit = 100 net.ipv4.tcp_adv_win_scale = 2 net.ipv4.tcp_app_win = 31 net.ipv4.tcp_rmem = 4096 87380 174760 net.ipv4.tcp_wmem = 4096 16384 131072 net.ipv4.tcp_mem = 97280 97792 98304 net.ipv4.tcp_dsack = 1 net.ipv4.tcp_ecn = 0 net.ipv4.tcp_reordering = 3 net.ipv4.tcp_fack = 1 net.ipv4.tcp_orphan_retries = 0 net.ipv4.inet_peer_gc_maxtime = 120 net.ipv4.inet_peer_gc_mintime = 10 net.ipv4.inet_peer_maxttl = 600 net.ipv4.inet_peer_minttl = 120 net.ipv4.inet_peer_threshold = 65664 net.ipv4.igmp_max_msf = 10 net.ipv4.igmp_max_memberships = 20 net.ipv4.route.secret_interval = 600 net.ipv4.route.min_adv_mss = 256 net.ipv4.route.min_pmtu = 552 net.ipv4.route.mtu_expires = 600 net.ipv4.route.gc_elasticity = 8 net.ipv4.route.error_burst = 500 net.ipv4.route.error_cost = 100 net.ipv4.route.redirect_silence = 2048 net.ipv4.route.redirect_number = 9 net.ipv4.route.redirect_load = 2 net.ipv4.route.gc_interval = 60 net.ipv4.route.gc_timeout = 300 net.ipv4.route.gc_min_interval = 0 net.ipv4.route.max_size = 262144 net.ipv4.route.gc_thresh = 16384 net.ipv4.route.max_delay = 10 net.ipv4.route.min_delay = 2 net.ipv4.icmp_ignore_bogus_error_responses = 0 net.ipv4.icmp_echo_ignore_broadcasts = 0 net.ipv4.icmp_echo_ignore_all = 0 net.ipv4.ip_local_port_range = 32768 61000 net.ipv4.tcp_max_syn_backlog = 32768 net.ipv4.tcp_rfc1337 = 0 net.ipv4.tcp_stdurg = 0 net.ipv4.tcp_abort_on_overflow = 0 net.ipv4.tcp_tw_recycle = 0 net.ipv4.tcp_fin_timeout = 60 net.ipv4.tcp_retries2 = 15 net.ipv4.tcp_retries1 = 3 net.ipv4.tcp_keepalive_intvl = 75 net.ipv4.tcp_keepalive_probes = 9 net.ipv4.tcp_keepalive_time = 7200 net.ipv4.ipfrag_time = 30 net.ipv4.ip_dynaddr = 0 net.ipv4.ipfrag_low_thresh = 196608 net.ipv4.ipfrag_high_thresh = 262144 net.ipv4.tcp_max_tw_buckets = 180000 net.ipv4.tcp_max_orphans = 16384 net.ipv4.tcp_synack_retries = 5 net.ipv4.tcp_syn_retries = 5 net.ipv4.ip_nonlocal_bind = 0 net.ipv4.ip_no_pmtu_disc = 0 net.ipv4.ip_autoconfig = 1 net.ipv4.ip_default_ttl = 64 net.ipv4.ip_forward = 0 net.ipv4.tcp_retrans_collapse = 1 net.ipv4.tcp_sack = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_timestamps = 1 net.core.somaxconn = 128 net.core.hot_list_length = 128 net.core.optmem_max = 10240 net.core.message_burst = 50 net.core.message_cost = 5 net.core.mod_cong = 290 net.core.lo_cong = 100 net.core.no_cong = 20 net.core.no_cong_thresh = 10 net.core.netdev_max_backlog = 300 net.core.dev_weight = 64 net.core.rmem_default = 106496 net.core.wmem_default = 106496 net.core.rmem_max = 131071 net.core.wmem_max = 131071 vm.block_dump = 0 vm.laptop_mode = 0 vm.max_map_count = 65536 vm.max-readahead = 31 vm.min-readahead = 3 vm.page-cluster = 3 vm.pagetable_cache = 25 50 vm.kswapd = 512 32 8 vm.overcommit_memory = 0 vm.bdflush = 50 500 0 0 500 3000 60 20 0 vm.vm_passes = 60 vm.vm_lru_balance_ratio = 2 vm.vm_mapped_ratio = 100 vm.vm_cache_scan_ratio = 6 vm.vm_vfs_scan_ratio = 6 vm.vm_gfp_debug = 0 kernel.overflowgid = 65534 kernel.overflowuid = 65534 kernel.random.uuid = ac51ba35-c96d-44a3-a979-119d214e53a0 kernel.random.boot_id = ff597e6e-37fa-45e9-a6c3-27b40b981fe6 kernel.random.write_wakeup_threshold = 128 kernel.random.read_wakeup_threshold = 8 kernel.random.entropy_avail = 4096 kernel.random.poolsize = 512 kernel.threads-max = 14336 kernel.cad_pid = 1 kernel.sem = 250 32000 32 128 kernel.msgmnb = 16384 kernel.msgmni = 16 kernel.msgmax = 8192 kernel.shmmni = 4096 kernel.shmall = 2097152 kernel.shmmax = 33554432 kernel.rtsig-max = 1024 kernel.rtsig-nr = 0 kernel.hotplug = /sbin/hotplug kernel.modprobe = /sbin/modprobe kernel.printk = 1 4 1 7 kernel.ctrl-alt-del = 0 kernel.cap-bound = -257 kernel.tainted = 1 kernel.core_pattern = core kernel.core_setuid_ok = 0 kernel.core_uses_pid = 0 kernel.panic = 0 kernel.domainname = inet.co.th kernel.hostname = node04 kernel.version = #4 Thu Jul 29 17:29:09 ICT 2004 kernel.osrelease = 2.4.26-gentoo-r6 kernel.ostype = Linux fs.lease-break-time = 45 fs.dir-notify-enable = 1 fs.leases-enable = 1 fs.overflowgid = 65534 fs.overflowuid = 65534 fs.dentry-state = 311571 280155 45 0 0 0 fs.file-max = 209683 fs.file-nr = 27256 9300 209683 fs.inode-state = 308731 591730 0 0 0 0 0 fs.inode-nr = 308731 591730 -- ______________________________________________ Check out the latest SMS services @ http://www.linuxmail.org This allows you to send and receive SMS through your mailbox. Powered by Outblaze
