Thanks Marc.
regards,
./koen
> > I have about 20 proxyservers running now very well with
> squid DEV2.5. They
> > work very well for about 6 weeks now.
> >
> > To make them all performing better, I have done the following :
> > 1/ installed local caching nameserver on all
> > 2/ tuned the smb_auth
> > 3/ and added to sysctl.conf
> > # Disables packet forwarding
> > net.ipv4.ip_forward = 0
> > # Enables source route verification
> > net.ipv4.conf.all.rp_filter = 1
> > # Disables automatic defragmentation (needed for masquerading, LVS)
> > net.ipv4.ip_always_defrag = 0
> > # Disables the magic-sysrq key
> > kernel.sysrq = 0
> > # Increase number of filedescriptors available
> > fs.file-max = 16384
> > # change bdflush parameters for vm
> > vm.bdflush = 100 1200 128 512 15 5000 500 1884 2
> > # change buffermem parameter for vm
> > vm.buffermem = 70 10 60
> > # Decrease the time default value for tcp_fin_timeout connection
> > net.ipv4.tcp_fin_timeout = 30
> > # Decrease the time default value for tcp_keepalive_time connection
> > net.ipv4.tcp_keepalive_time = 1800
> > # Turn off the tcp_window_scaling
> > net.ipv4.tcp_window_scaling = 0
> > # Turn off the tcp_sack
> > net.ipv4.tcp_sack = 0
> > # Turn off the tcp_timestamps
> > net.ipv4.tcp_timestamps = 0
> >
> > These changes (most of all local dns) made a big
> difference. The 3 parent
> > proxies have now 251req/min (serving 600 users), 259
> req/min (serving 600
> > users) and 450req/min (serving 1500 users).
> > I hope this information is usefull to others, but also
> wonder what other
> > users might have done to tune there systems. Let me know!
> >
> > I have 2 more questions to you all. There are 2 more things
> I would like to
> > add to my configuration :
> > 1/ user policy page when auth box appears. How can this be
> implemented? I
>
> Nearly impossible I think. This protocol stage does not run in the
> context of normal http info switch between browser and
> whatever source.
> It is a specific handshaking between browser and cache, in the
> context of certain http 'features'.
>
>
> > have seen the same question several times, but did not see
> any answers yet.
> > 2/ interface for filtering, webpage or something. Squid has a lot of
> > possibilities, however many local administrators are used
> to work with
> > Windows and expect a GUI. I have reviewed Webmanager and
> SurfControl for
>
> ?? Good graze and smiley.
>
> Perhaps SQUID is my only hope in life, to assert the fact that
> there is world without Windows out there ...
>
> :-) (10x10)
>
>
> > this purpose, however this costs a lot and in fact most of
> there features
> > squid can handle. However I cannot convince a Windows guy
> to edit a text
> > file on a linux box.
> > I myself am not a developer. Does somebody use a self
> written or open source
> > software to implement or change rules to squid.conf or to
> edit text files on
> > a linux box through web interface? Do you want to share
> this information.
> > Something like SWAT for Samba is very usefull.
> >
> > Kind Regards,
> > ./koen
> >
> > Koen Van Bossche
> >
> > KONE International SA
> > KCO Telecom
> > Ave E. Van Nieuwenhuyse, 6
> > B - 1160 Brussels, Belgium
> > Tel : +32 (0)2 676.93.81
> > Fax : +32 (0)2 676.93.91
>
> --
>
> 'Time is a consequence of Matter thus
> General Relativity is a direct consequence of QM
> (M.E. Mar 2002)
>
Received on Thu Mar 14 2002 - 03:38:11 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:56 MST