Squid / Transparent cache killing Cisco cpu

Good evening all.

I'm a new user to Squid and am having a problem with our Cisco 3640 router
when running Squid. (Its killing the cpu)

Have Squid installed and up and running on a FreBSD System.
Pentium II-350, 128Meg, 4 Gig for OS and 2x9Gig drives for cache.
That part seems to be running just fine

Problem I am having is when I cause our Cisco 3640 (core) router to
redirect HTTP traffic, the cpu load on the cisco goes from ~30% to 99%.
ie. it just hammers our router!!!

Router is connected to two upstreams
one via a 100Meg full-duplex ethernet to UUNet
second via 2 Full T1 loops to Sprint
Running BGP4 and taking 2 full tables.
Router has 128Meg ram, Version 11.2(11)P IOS
Local traffic is delivered via another FastEther full-duplex to our Cisco
2924XL switch.

I'm applying the "ip policy route-map proxy-redirect" to the local FastEther.

FreeBSD Squid cache box is connected to same switch via full-duplex 100Meg
Ether.

Like I said, things seem to work along just fine. I tail the access.log
file and squid seems to be doing everything it should. Just the wheels are
going to fall off our poor little router. I would have thought a Cisco 3640
would have been able to handle doing redirects at this level just fine.

Oh, guess I should mention that when I do let squid run for a bit, I'm
seeing about 1.5 - 1.8 Meg of traffic going to/from the Cache box. This
being generated from approx 600 dial customers on line at the time.
But during this time any traffic that goes through the router, is really
throttled back. Things just seem to grind to a halt. (ie telnet to any
local systems in the office is almost unusable).

Any suggestions?
Am I trying to do more that our router will handle?
or do I maybe have a config problem somewhere?

Some stuff from our cisco:

access-list 110 deny tcp host 209.223.225.2 any eq www
access-list 110 permit tcp any any eq www

route-map proxy-redirect permit 10
 match ip address 110
 set ip next-hop 209.223.225.2

int fast 0/0
ip policy route-map proxy-redirect

Thanks for any/all suggestions!

    _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
   _/ Regards: Brad Groshok (bgroshok@odyssey.on.ca) _/
  _/ President Odyssey Network Inc. http://www.odyssey.on.ca _/
 _/ London Ontario Canada PH:(519)660-8883 Fax:(519)660-6111 _/
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
Received on Mon Jun 14 1999 - 23:31:40 MDT