Re: [squid-users] Large ACLs and TCP_OUTGOING_ADDRESS

Thank you Amos for your valuable input on this. A copy of the runtime
information during peak times can be found here:
http://116.193.170.11/squid/squid_2008-11-17-213652-General-Information.html

I'm also attaching the following graphs:

1. Cache Hit Rate
(http://116.193.170.11/squid/squid-2008-11-17-2140-CacheHitRate.png)
2. Client Request Rate
(http://116.193.170.11/squid/squid-2008-11-17-2140-ClientRequestRate.png)
3. CPU IOWait
(http://116.193.170.11/squid/squid-2008-11-17-2140-cpuIOWait.png)
4. Service Timers
(http://116.193.170.11/squid/squid-2008-11-17-2140-ServiceTimers.png)

I'm also attaching a copy of my cache configuration.
http://116.193.170.11/squid/squid_2008-11-17-213652-config.html

Looking at it, can you suggest me if I can get any better performance than
it is? I think the IOWait is way too high, and I am using regular commodity
SATA HDDs.

Any input would be greatly appreciated.

Regards
HASSAN

----- Original Message -----
From: "Amos Jeffries" <squid3_at_treenet.co.nz>
To: "Nyamul Hassan" <mnhassan_at_usa.net>
Cc: "Squid Users" <squid-users_at_squid-cache.org>
Sent: Monday, November 17, 2008 07:01
Subject: Re: [squid-users] Large ACLs and TCP_OUTGOING_ADDRESS

>> Hi,
>>
>> I run squid in an ISP scenario. We have got two identically configured
>> squid caches being load balanced among 4,000 users over a 50 Mbps link.
>> The
>> system runs quite well, although not without the occassional hiccups.
>> But,
>> there is a complain from users about not being able to access some
>> websites
>> because of same external IP. For this, we configured the squid.conf to
>> have
>> ACLs for different user blocks of /24 and have them mapped through
>> different
>> external IPs on each of these boxes.
>>
>> However, not all /24 blocks have the same number of users, and I also
>> have
>> lots of real IPs still lying unused. I thought about creating different
>> ACLs for every 5 or 8 users, and then map them to different external IPs.
>> But, having them distributed in 8 IPs in each group would mean at least
>> 500
>> separate ACLs and their corresponding TCP_OUTGOING_ADDRESS directives.
>>
>> My question is, will this affect the performance of squid? Can squid
>> handle
>> this?
>
> Depends on the ACL type. Squid should be able to handle many easily. of
> the ACl you need; src is the fastest, next best is dstdomain, then dst. So
> for a marginal boost when combining on one line, put then in that order.
>
> Just look for shortcuts as you go.
>
>>
>> My servers are each running on Core 2 Duo 2.33 GHz, 8 GB of RAM, 5 HDDs
>> (1x80GB IDE for OS, 4x160GB SATA for cache), total 256GB Cache Store
>> (64GB
>> on each HDD). One of the server's stats are (taken at a very low user
>> count
>> time):
>
> Thank you. We are trying to collect rough capacity info for Squid whenever
> the opportunity comes up. Are you able to provide such stats around peak
> load for our wiki?
> The info we collect can be seen at
> http://wiki.squid-cache.org/KnowledgeBase/Benchmarks
>
> Amos
>
>
>
Received on Mon Nov 17 2008 - 17:27:11 MST