Re: Slackware4.0, Squid2.2S3 & SYN_RECV problem

From: Dancer <[email protected]>
Date: Sat, 05 Jun 1999 13:52:00 +1000

Pavel Paprok wrote:
>
> Hi,
>
> I have clean installed Linux - Slackware 4.0 (kernel 2.2.6) with
> compiled
> squid2.2stable3 on IntelMB SE440BX-2 w/ PIImmx/350MHz,
> 128MB RAM, 9GB Ultra2WD scsi HD connected to Internet
> by 1 ethernet interface (3c900), no serial connections or modems.
>
> Everything working for many users OK but time to time when
> connecting ONE of users then proxy slow very very down
> and all squid connections seems to be VERY slow.
> After disconnecting of this user, everything
> go normally up. I dont know if this is kernel or
> squid problem or user problem (but in this case system
> should have more imunity against it). In logfiles
> found not interesting but "netstat -a" in this cases wrote
> (among many others like ESTABLISHED, TIME_WAIT,...) also
> many many (I count up to 129 !!!) same SYN_RECV lines about
> this ONE user just like:
> ...
> .....
> tcp 0 0 ultra.applet.cz:www asy8-NJ.applet.cz:61360 SYN_RECV
> tcp 0 0 ultra.applet.cz:www asy8-NJ.applet.cz:61361 SYN_RECV
> tcp 0 0 ultra.applet.cz:www asy8-NJ.applet.cz:61367 SYN_RECV
> tcp 0 0 ultra.applet.cz:www asy8-NJ.applet.cz:61359 SYN_RECV
> tcp 0 0 ultra.applet.cz:www asy8-NJ.applet.cz:61361 SYN_RECV
> tcp 0 0 ultra.applet.cz:www asy8-NJ.applet.cz:61360 SYN_RECV
> tcp 0 0 ultra.applet.cz:www asy8-NJ.applet.cz:61357 SYN_RECV
> tcp 0 0 ultra.applet.cz:www asy8-NJ.applet.cz:61362 SYN_RECV
> tcp 0 0 ultra.applet.cz:www asy8-NJ.applet.cz:61363 SYN_RECV
> ...etc etc...
> .....
> Note that our squid is runing on port 80 (so here www not mean www
> service).
> After disconnecting of THIS ONE user, this big group of SYN_RECV lines
> in netstat output go away and all is full working in normal speed.
> This user is connecting his own network by dial-up to our Patton
> over PPP w/ sw WinProxy (linked to our proxy of course).
>
> Please help, some ideas?
> How to do restrict this squid slow-down?
>
> Pavel

There is a routing problem. Some percentage of packets from your box are
not being recieved by the client machine. It could be in your network or
in his.

To start a TCP connection, the client sends a SYN to the server. The
server responds with a SYN, then the client sends an ACK, and the
connection is opened. If the SYN that your server is sending is not
recieved by the client (due to a firewall or bad routing) you will see
symptoms like that above.

D
Received on Fri Jun 04 1999 - 21:35:18 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:46:44 MST