RE: RE: Squid is OK, but which UNIX for high loads?

From: Oskar Pearson <>
Date: Fri, 30 May 1997 21:18:30 +0200 (GMT)

Late late reply - I somehow gote deleted from the squid-users list and
am only getting this now...

Since I am the designated Linux bigot:

> 2) I had Linux 2.0.30 compiled with SYN-COOKIES and SYN_RESET options

        We had a problem with Linux 2.0.30 box -- it was panicing
        periodically (and never reboot itself) due to exactly
        this reason -- with those features removed it has become
        a) _much_ stable and b) faster.

Firstly: SYN-RST cookies are a bad idea for most things, but they are still in
there if you enable "ask for beta stuff" in the kernel config.

Secondly: There is a small bug in 2.0.30 that causes 'oopses' occasionally
(like after 18 days with 100s of thousands of requests a day...)
There is a patch for this from Dave Miller - I can send it to you if you
want... I think that this also shows up more if you use both RST and COOKIES
SYN protection.

        workstation, but FreeBSD 2.2.2 just occasionally
        performs a lot better as a network (and particularly Squid)
I have still to see this :)
FreeBSD is a lot more configurable in terms of user/kernel limits, but I don't
think that I agree that the networking stack is either faster or more
stable than linux. I was about to change our caches to FreeBSD because I
couldn't get the filehandle patch to work correctly, but it turned out that
it was just me being a moron and not setting ulimit stuff right in my shell!

Linux can flood a 100mb/s line to the theoretical limit. It's got some pretty
fancy stuff built in to reduce latency from Dave Miller that outperforms
FreeBSD (I don't know if they took the code from linux and then put it into
FreeBSD - I think that it was mentioned on linux-kernel...)

We run 3 caches on linux, and they have served somewhere around
20 million connections (ignoring ICP) and hundreds of gigs of traffic over
the last 17 or so days.
Squid has died once (though it's been restarted multiple times due to
power work we have been doing) and that's because of the SYN problem I have
had above. Most requests are returned in less than 5 seconds... this includes
all the gifs etc.

I haven't even installed some of the "speedup" patches... this would include
stuff like the "pentium memcpy" optimised patch and no-atime patch.

Anyway... It seems that you are going to move away from linux... fine, but
as long as the rest of you know that it's working... and it's working well.

Received on Fri May 30 1997 - 12:21:28 MDT

