I just started some tests, for now I can’t reproduce memory usage problems but I will keep you informed.
The main issue I found it’s that some resources are inaccessible, mostly images or scripts from CDN.
You can find these kind of lines inside /var/log/squid/cache.log
:
2016/12/09 09:44:18 kid1| SECURITY ALERT: on URL: avatars0.githubusercontent.com:443
2016/12/09 09:44:18 kid1| SECURITY ALERT: Host header forgery detected on local=151.101.60.133:443 remote=192.168.5.22:40950 FD 166 flags=33 (local IP does not match any domain IP)
In this case, when accessing github, the avatars won’t be displayed by the browser, and you can fin a “Timeout error” for the not loaded images.
i guess you’re facing the same problem. Could try to verify it with this command?
grep "Host header forgery detected" /var/log/squid/cache.log
There is no real work fix for this but a couple of workaround:
- do not use 8.8.8.8 as your external DNS (I didn’t see any difference even with other dns servers)
- make sure all clients use the same DNS (this is effective)
- configure all clients to explicitly use the proxy (this works great)
You can find more information here: