Re: [squid-users] Complicate ACL affect performance?

From: Henrik K <hege_at_hege.li>
Date: Sun, 19 Oct 2008 12:25:40 +0300

On Sun, Oct 19, 2008 at 04:51:16PM +1300, Amos Jeffries wrote:
>>
>> Fair test would be reversing the hostname, which is very cheap operation. ;)
>
> No. Because most users will not write their ACL regex normally, and the
> regex has to match a forward-coded domain anyway. The squid algorithm
> works on forward-coded domains.
>
> A fair test, therefore uses each methods native comparison style from
> forward-coded domains as input. dstdomain does not even really use the
> terminator equivalent to $ in its matches, though it is assumed.

No, the idea was to test best case scenario. Atleast for me.

> Your initial claim was that simply assembling the regex was faster than
> dstdomain comparison.

Sorry, you must have been reading this thread too fast.

Me:
"Sometimes you just need to block more specific URLS"
"how to use them efficiently IF NEEDED"

It was the OTHER Henrik who was curious about dstdomain/regex speed. :-)

> You implied it very strongly with your statement that we should stop
> recommending dstdomain for domain-only ACL. The informed developers have
> never said NO regex. Only pointed out uses where its not worth using.

Never I have said that you should stop using dstdomain? What statement
specifically are you referring to?

I was merely pointing out that "avoid regex" was a bit too generic response,
when someone asked about high-speed ACLs. We don't know if the original
poster needed them. If you need to block specific URLs, obviously you can't
just start using dstdomain instead.
Received on Sun Oct 19 2008 - 09:25:47 MDT

This archive was generated by hypermail 2.2.0 : Sun Oct 19 2008 - 12:00:04 MDT