The pfSense Store

Author Topic: Squid slows down the network (DNS) to almost unusable  (Read 248 times)

0 Members and 1 Guest are viewing this topic.

Offline vitaprimo

  • Newbie
  • *
  • Posts: 19
  • Karma: +1/-0
    • View Profile
Squid slows down the network (DNS) to almost unusable
« on: December 01, 2017, 09:56:51 pm »
Recently I moved temporarily all of my VMs of the hosts including a domain controller responsible for DNS as well as I deployed another domain controller. I also changed the several IP addresses and naturally some services started failing, after recovering enough to have a working network while I did the cluster thing I noticed the DNS resolution either failing or taking forever, eventually I put everything back but DNS wasn't improving.

Although this has happened before I discarded Squid because the last time it happened the hardware and configuration was very different, this time it had plenty of dedicated system resources and it's running on mirrored ZFS SSDs. I kept watching all the AD replication and DNS test pass successfully and to make it more disconcerting I discovered DNS resolution wasn't slow if I used Network Utility on macOS or nslookup on Windows - it was instant, resolving network shares and everything in a browser seemed to be what were wrong. Another weird thing is that even in the same subnet things were slow, intranet, internet, inter-VLAN. A complete nightmare.

Tired I figured I'd restart the firewall just looking for solutions aimlessly and when I was in pfSense's portal I tried first just turning off the Squid service and everything went back to normal immediately which was a huge relief and also a bit of a disappointment; I'm constantly downloading disk images and I had a quarter terabyte to Squid Cache so I don't have to think if I had save the file somewhere or whatever, even if my connection is fast(ish) it'll never beat mirrored SSDs.

Is this a known bug? Did I miss some setting? I'm pretty sure I paid attention to everything relating to cache and rotating files and stuff so I wouldn't bottleneck or fill up.

Anyway, thanks for any advice. :)

Offline Impatient

  • Jr. Member
  • **
  • Posts: 25
  • Karma: +1/-0
    • View Profile
Re: Squid slows down the network (DNS) to almost unusable
« Reply #1 on: December 03, 2017, 08:35:29 pm »
What do the Diagnostics/System Activity log's show?



Offline vitaprimo

  • Newbie
  • *
  • Posts: 19
  • Karma: +1/-0
    • View Profile
Re: Squid slows down the network (DNS) to almost unusable
« Reply #2 on: December 04, 2017, 12:06:12 am »
I forgot to check and I already emptied the cache so even if I turn Squid back on my guess is that it'd take a while until the issue comes back. :/

Offline vitaprimo

  • Newbie
  • *
  • Posts: 19
  • Karma: +1/-0
    • View Profile
Re: Squid slows down the network (DNS) to almost unusable
« Reply #3 on: December 04, 2017, 12:09:18 am »
Yeah... Turned it back on and it's as zippy as ever. One of my guesses was that the cache storage simply filled up but it couldn't, I always set it for 70%-to-80% of its capacity on a dedicated volume so there's nothing else writing to it. Logs files are on the main pfSense volume. 🧐

Offline periko

  • Hero Member
  • *****
  • Posts: 1163
  • Karma: +17/-1
  • pheriko
    • View Profile
    • Soporte de Pfsense y Linux
Re: Squid slows down the network (DNS) to almost unusable
« Reply #4 on: December 04, 2017, 08:11:41 am »
 Can u please show your
Code: [Select]
squid.conf.
 Thanks.
Necesitan Soporte de Pfsense en Mexico?/Need Pfsense Support in Mexico?
https://www.facebook.com/BajaOpenSolutions
Estamos en Tijuana, pero no es obstaculo para brindarte nuestro servicio.
We are in Tijuana, but is not an obstacle to give you support.

Offline vitaprimo

  • Newbie
  • *
  • Posts: 19
  • Karma: +1/-0
    • View Profile
Re: Squid slows down the network (DNS) to almost unusable
« Reply #5 on: December 04, 2017, 12:44:42 pm »
Sorry, I kept watching the notif pop on my phone but I was super busy. Were can I get it again? I went through every tab and I can't remember where to download it from. Squid is turned off, do I need to turn it back on for the option to appear?

Offline periko

  • Hero Member
  • *****
  • Posts: 1163
  • Karma: +17/-1
  • pheriko
    • View Profile
    • Soporte de Pfsense y Linux
Re: Squid slows down the network (DNS) to almost unusable
« Reply #6 on: December 05, 2017, 12:00:52 am »
 No issue, u can get the file from the console(ssh):

Code: [Select]
/usr/local/etc/squid/squid.conf  :)

 
Necesitan Soporte de Pfsense en Mexico?/Need Pfsense Support in Mexico?
https://www.facebook.com/BajaOpenSolutions
Estamos en Tijuana, pero no es obstaculo para brindarte nuestro servicio.
We are in Tijuana, but is not an obstacle to give you support.