Squid -DNS Server Processes are busy

  • I am facing slow down when browsing internet. When i check the log for squid these error are found

    2006/10/02 10:36:02| WARNING: All dnsserver processes are busy.
    2006/10/02 10:36:02| WARNING: up to 5 pending requests queued
    2006/10/02 10:36:02| Consider increasing the number of dnsserver processes to at
    least 10 in your config file.
    2006/10/02 10:36:02| dnsSubmit: queue overload, rejecting mt2.google.com


    1. where i can edit the dnsserver processes?
    2. from the squid forum it mentioned to edit the dns_children parameter. In pfsense squid.conf there isn't any paremeters on dns_children. What is the sequence involve when pfsense load squid? will it load the squid.conf.default first followed by squid.conf?
    3. in addition squid service will stopped itself.. where i suspect is overloaded due to the dns process?? below is the log

    Oct  2 15:45:13 pfsense01 Squid_Alarm[1225]: Squid has exited.  Reconfiguring fi
    Oct  2 15:45:13 pfsense01 Squid_Alarm[1227]: Attempting restart…
    Oct  2 15:45:14 pfsense01 squid[1277]: Squid Parent: child process 1279 started
    Oct  2 15:45:14 pfsense01 php: : Could not open  for writing
    Oct  2 15:45:14 pfsense01 Squid_Alarm[1318]: Squid has exited.  Reconfiguring fi


  • I guess we need a dnsChildren flag or whatever it is called (lack of coffee ATM).

    Go ahead and file a ticket on cvstrac and I will look into it.

  • As you too reported another problem ( http://forum.pfsense.org/index.php/topic,2265.0.html ) I wonder if these two are related. Maybe you are under attack and your browsing is slow therefore? Not sure how that affects squid though, maybe somebody is flooding it with dns requests.

  • This happens on busy networks.  Squid likes to use lots of sub-processes to handle things (like DNS resolution) and so when you have 1. a slow DNS server and/or 2. a lot of people hitting squid at the same time, you can run out of DNS resolvers which causes a backup, and then catastrophic failure (squid doesn't like it when its helper processes die and handles the news poorly).  I realize we're pretty close to having this thing done and new features are probably not what you want, but this would be a good setting to have.

    For the OP's reference, if dns_children is not set in squid.conf, then it defaults to 5.  In fact, there are a lot of default settings that squid uses when values aren't set.  Most of these values aren't really a big deal, but some of them can be real show-stoppers if you're not aware of their existence.  I recommend a browse through a default squid.conf sometime.  It'll be highly educational.

  • i would suspect that is due to to heavy http traffic passing through squid as it slow down in the middle of the day.

    i browse throught the default squid.conf i saw the dns_children parameters.

    is it possible for me to just add the entry in squid.conf?

  • You can add it into squid.conf, although it will go away if you restart your machine or otherwise configure squid differently.  Also, you might take a look at your cache manager output and see if you are being bitten by slow DNS server responses.  Having squid do its resolving against an on-box caching DNS server helps immensely in this regard.

  • i add the entry dns_children=32 in both squid.conf and squid.inc.
    Problem seems solved..

    However i got new error "FATAL: xcalloc: Unable to allocate 1 blocks of 4108 bytes!"

  • a value of 32 for dns_children is pretty excessive unless you have a LOT of web requests or extremely slow DNS servers.  If this is truly a necessary value for you, I highly recommend you investigate why.

  • i think i have too many users browsing the websites. it seems a lot of http connections.

