Re: [squid-users] Strange issues with squid

What you want to do is try and find a tcpdump capture for the broken
HTTP flows.

I'd make sure window scaling is disabled, ECN is disabled and I'd
change the default route TCP MSS to be < 1500 (say, 1400 or 1300.)
Make sure if you use GRE then the route GRE is using is 1500. :)

(I'm playing around with tproxy at home and I'm having slow loading issues;
I have a feeling I'm seeing PMTU related issues. Hm.)

Adrian

On Wed, Jan 16, 2008, Ryan Thoryk wrote:
> We've had a transparent wccp2-based squid cache implementation in place
> for about a month now (we're an ISP), normally serving about 2000 active
> clients among 2 servers, and our performance is very good (I've done
> large amounts of tweaking), but recently we've been getting complaints
> about sites not loading completely (which I also experienced at home
> since I use squid there) where about half of the page loads and the
> browser hangs (happens on multiple browsers; sites like gmail, etc),
> script-related file uploads to certain sites fail (for example, pic
> uploads to myspace), etc. I was thinking that the page hanging issue
> was probably related to the cache not being able to fetch an embedded
> object on the page, and causing the page load to hang halfway through
> until the object times out (normally a browser would render as much as
> it could, even if objects time out).
>
> So any ideas on this would be greatly appreciated. We were thinking
> that if the full-scale transparent wccp2 redirection doesn't work out,
> that we could just redirect the most heavily used IP netblocks (such as
> google, youtube, microsoft, yahoo, myspace, etc), but we'd possibly
> still have the same issues.
>
> Here's our config info:
>
> We're running 2 FreeBSD 6.2 machines with Squid 2.6-STABLE17. Both
> machines are 2.8ghz P4's with hyperthreading enabled, 4GB RAM, and 2
> dedicated 500GB SATA drives in a software raid0 config for the cache
> (system drive is separate). We've had to shrink the max cache size on
> each to 256gb due to memory.
>
> The first machine is handling wccp2 redirects from 4 cisco routers, and
> the second is handling redirects from multiple cisco switches.
>
> Here's the relevant squid config info:
>
> build params:
> ---------
> CFLAGS="-I/usr/local/include -L/usr/local/lib -march=pentium4 -O3 -pipe
> -fomit-frame-pointer -funroll-loops -ffast-math -fno-exceptions"
> export CFLAGS
> ./configure --enable-async-io --enable-icmp --enable-useragent-log
> --enable-snmp --enable-cache-digests --enable-follow-x-forwarded-for
> --enable-storeio=aufs,ufs,coss,null --enable-removal-policies="heap,lru"
> --with-maxfd=16384 --enable-poll --disable-ident-lookups
> --enable-large-cache-files --with-aufs-threads=64 --with-large-files
> --enable-delay-pools --enable-htcp --enable-kqueue
> ---------
> non-default squid.conf stuff:
>
> ---------
> http_port 3128 transparent
> cache_mem 128 MB
> maximum_object_size_in_memory 1 MB
> cache_replacement_policy heap LFUDA
> cache_dir aufs /var/cache/aufs 256000 32 512
> maximum_object_size 100 MB
> cache_swap_low 94
> cache_swap_high 95
> buffered_logs on
> quick_abort_min 0 KB
> quick_abort_max 0 KB
> extension_methods SEARCH PROPFIND PROPPATCH MKCOL MOVE BMOVE DELETE
> BDELETE REPORT MERGE MKACTIVITY CHECKOUT
> half_closed_clients off
> ipcache_size 8192
> ipcache_low 90
> ipcache_high 95
> fqdncache_size 8192
> memory_pools_limit 50 MB
> uri_whitespace allow
> ---------
>
> We're using IPFW port redirection from 80 to 3128, and with the FreeBSD
> kernel, we're mostly using the SMP kernel generic options, with these added:
> options PERFMON
> options IPFIREWALL
> options IPFIREWALL_FORWARD
> options IPSTEALTH
> options HZ=1000
> options NET_WITH_GIANT
>
>
> Ryan Thoryk
> System Administrator
> onShore Networks, LLC

-- 
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -