Re: [squid-users] Squid too slow.Please Help.Urgent

Hi Tek Bahadur Limbu

>>Your 4 mbps connection link seems really really slow. Maybe as you say,
>>your ISP could be creating this problem for you in the first place.

  I know it must be funny but how do we find out that wether the link
is actually giving us 4 Mbps? The traceroute for google.com shows the
following:

traceroute www.google.com
traceroute: Warning: www.l.google.com has multiple addresses; using
72.14.235.147
traceroute to www.l.google.com (72.14.235.147), 64 hops max, 40 byte packets
 1 dialup-pool-1.165.78.202.shyaminternet.co.in (202.78.165.1) 7.349
ms 7.225 ms 6.885 ms
 2 core-link2bharti.hellorainbow.com (202.78.168.17) 8.332 ms 7.353
ms 7.385 ms
 3 dsl-KK-static-105.165.145.59.airtelbroadband.in (59.145.165.105)
9.367 ms 9.543 ms 9.431 ms
 4 59.145.7.121 (59.145.7.121) 23.800 ms 22.20 ms 21.803 ms
 5 59.145.7.146 (59.145.7.146) 64.225 ms 64.960 ms 58.920 ms
 6 202.56.223.17 (202.56.223.17) 59.864 ms 57.841 ms 57.373 ms
 7 so-2-3-0-zcr1.lnt.cw.net (166.63.222.53) 305.812 ms 306.9 ms 296.886 ms
 8 so-7-0-0-zcr2.lnt.cw.net (166.63.222.42) 303.226 ms 312.317 ms 311.51 ms
 9 so-5-2-0-dcr2.tsd.cw.net (195.2.10.134) 297.58 ms 305.313 ms 296.886 ms
10 as0-dcr1.tsd.cw.net (195.2.10.165) 301.422 ms 301.717 ms 301.720 ms
11 72.14.198.41 (72.14.198.41) 287.853 ms 285.945 ms 285.841 ms
12 209.85.252.40 (209.85.252.40) 280.834 ms 279.237 ms 279.367 ms
13 72.14.236.216 (72.14.236.216) 312.806 ms 307.203 ms 305.375 ms
14 209.85.251.233 (209.85.251.233) 319.20 ms 319.561 ms
216.239.46.227 (216.239.46.227) 310.52 ms
15 72.14.233.116 (72.14.233.116) 370.312 ms 390.349 ms 388.933 ms
16 209.85.248.130 (209.85.248.130) 477.780 ms 467.457 ms 471.978 ms
17 209.85.250.90 (209.85.250.90) 481.873 ms 487.371 ms 481.930 ms
18 209.85.250.101 (209.85.250.101) 505.620 ms 209.85.250.103
(209.85.250.103) 483.603 ms 209.85.250.101 (209.85.250.101) 495.549
ms
19 72.14.232.221 (72.14.232.221) 501.715 ms 72.14.232.217
(72.14.232.217) 499.203 ms 72.14.232.221 (72.14.232.221) 502.309 ms
20 tw-in-f147.google.com (72.14.235.147) 512.656 ms 492.229 ms 490.800 ms

>>Do you get it through a satellite link? I think that your high service
>>response time of 15 seconds is related to your DNS settings.

From where did u find you out this !!! :(.
now i am using the internal caching dns server which is in our
institute.but it is still slow.

>>Try using a lower cache_mem value, say
>>cache_mem 32 MB

I have done it .

>>don't know but your packet filtering setup might also be creating this
>>problems for you. But I don't have that extensive knowledge of PF

Its just like iptables.nyways i have disable it.

>>Check your access.log and cache.log. I definitely think that you will be
>>able to catch important things there

What shal i look for in access log? I have even installed sarg on this
 system but i plan to run it once a week.

>>squidclient mgr:5min | grep client

client_http.requests = 14.584254/sec
client_http.hits = 1.570319/sec
client_http.errors = 0.025430/sec
client_http.kbytes_in = 11.599378/sec
client_http.kbytes_out = 83.999329/sec
client_http.all_median_svc_time = 5.637445 seconds
client_http.miss_median_svc_time = 8.682950 seconds
client_http.nm_median_svc_time = 1.311657 seconds
client_http.nh_median_svc_time = 10.209607 seconds
client_http.hit_median_svc_time = 2.507928 seconds

From where do i read as to what do all these things mean?

>>Probably you need to add the following:

>>acl mynetwork src 192.168.0.0/24
>>http_access allow mynetwork
>>http_access deny all

I have the access list but i did not send it coz i thought it was not
required.ell here it is

#Types allowed/not allowed
acl allowed url_regex "/etc/squid/custom/allowed.conf"
acl bl-porn url_regex -i "/etc/squid/custom/bl-porn.conf"
acl bl-virus url_regex -i "/etc/squid/custom/bl-virus.conf"
acl bl-media urlpath_regex -i "/etc/squid/custom/bl-media.conf"
acl bl-mime rep_mime_type -i "/etc/squid/custom/bl-mime.conf"
acl bl-browser browser -i "/etc/squid/custom/bl-browser.conf"

#Students hostels
acl ashok src "/etc/squid/custom/ppl/bhavans/ashok.conf"
acl bhagirath src "/etc/squid/custom/ppl/bhavans/bhagirath.conf"
acl budh src "/etc/squid/custom/ppl/bhavans/budh.conf"
acl gandhi src "/etc/squid/custom/ppl/bhavans/gandhi.conf"
acl krishna src "/etc/squid/custom/ppl/bhavans/krishna.conf"
acl malviya src "/etc/squid/custom/ppl/bhavans/malviya.conf"
acl meera src "/etc/squid/custom/ppl/bhavans/meera.conf"
acl ram src "/etc/squid/custom/ppl/bhavans/ram.conf"
acl ranapratap src "/etc/squid/custom/ppl/bhavans/ranapratap.conf"
acl shankar src "/etc/squid/custom/ppl/bhavans/shankar.conf"
acl vishwakarma src "/etc/squid/custom/ppl/bhavans/vishwakarma.conf"
acl vyas src "/etc/squid/custom/ppl/bhavans/vyas.conf"

#Staff
acl staff src "/etc/squid/custom/ppl/staff.conf"

#IPC Staff
acl ipc src "/etc/squid/custom/ppl/ipc.conf"

#Other Administration
acl ipcstaff src "/etc/squid/custom/ppl/ipcstaff.conf"
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager all
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
# one who can access services on "localhost" is a local user
http_access deny to_localhost

http_access deny bl-virus
http_access deny bl-media
http_access deny bl-mime
http_access deny bl-porn
http_access deny bl-browser

http_access allow allowed

http_access allow meera
http_access allow budh
http_access allow ram
http_access allow ashok
http_access allow bhagirath
http_access allow gandhi
http_access allow krishna
http_access allow ranapratap
http_access allow shankar
http_access allow vishwakarma
http_access allow vyas
http_access allow malviya

http_access allow staff
http_access allow ipcstaff

# And finally deny all other access to this proxy
http_access deny all
http_reply_access allow all

#Allow ICP queries from everyone
icp_access allow all

reply_body_max_size 20971520 allow all

append_domain .xxx.xx.xx

>>Since your average number of connections for your squid box is just
>>about 700 per minute, you should investigate why your CPU usage is
>>unusually high. Squid-2.6.13 is usually very CPU friendly.

I have absolutely no idea.Even on the FC4 box the cpu utilization was
very high.Has any one come across the same problem.if anyone has come
across the same issue then kindly help me.

Regards
Preetish
Received on Wed Aug 08 2007 - 09:22:49 MDT