Re: [squid-users] Squid 3.0STABLE19 - performance

Multiple hard disks, and spreading out Squid's logs and cache dirs
onto separate disks, helps a lot.

The big prod squid environment I was running for a while used 4 disks
- 1 OS, 1 logs, 2 separate aufs cache disks.

If you can't do that with your hardware, even adding a second hard
drive, with logs on the OS disk and the cache on the second disk, will
help some.

-george

On Tue, Oct 13, 2009 at 10:52 AM, Mariel Sebedio <msebedio_at_invap.com.ar> wrote:
> Hello, I have a problem with the Squid performance.
>
> I have a RHEL 5.4 whit Squid 3.0STABLE19 compiled with the following
> options:  '--prefix=/usr' '--sysconfdir=/etc/squid' '--enable-snmp'
> '--enable-cache-digest' '--enable-err-language=Spanish'
> '--enable-delay-pools'
>
> The hardware of the Proxy server machine is:
>
> processor    : 0
> vendor_id    : GenuineIntel
> cpu family    : 15
> model        : 4
> model name    : Intel(R) Pentium(R) 4 CPU 3.00GHz
> stepping    : 1
> cpu MHz        : 3000.177
> cache size    : 1024 KB
> physical id    : 0
> siblings    : 2
> core id        : 0
> cpu cores    : 1
> apicid        : 0
> fdiv_bug    : no
> hlt_bug        : no
> f00f_bug    : no
> coma_bug    : no
> fpu        : yes
> fpu_exception    : yes
> cpuid level    : 5
> wp        : yes
> flags        : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat
> pse36 clflush dts
> acpi mmx fxsr sse sse2 ss ht tm pbe nx constant_tsc pni monitor ds_cpl cid
> xtpr
> bogomips    : 5999.92
>
> The filesystem information is this:
>
> Filesystem           1K-blocks      Used Available Use% Mounted on
> /dev/sda2              5080828   4252116    566452  89% /
> /dev/sda5            141129204   2496448 131348084   2% /var
> /dev/sda1               101086     11303     84564  12% /boot
> tmpfs                  1031764         0   1031764   0% /dev/shm
>
> The top output
>
> top - 09:50:08 up 3 days, 17:07,  1 user,  load average: 0.09, 0.06, 0.01
> Tasks:  88 total,   1 running,  87 sleeping,   0 stopped,   0 zombie
> Cpu(s):  0.5%us,  0.5%sy,  0.0%ni, 98.5%id,  0.0%wa,  0.2%hi,  0.3%si,
>  0.0%st
> Mem:   2063532k total,  2001504k used,    62028k free,   199476k buffers
> Swap:  5245212k total,        0k used,  5245212k free,  1415224k cached
>
> The ammount of connections oscilates between 400-600. ([]# netstat -an |grep
> STABL |wc -l)
>  I can see that when I request a page it takes a long time to appear on
> my browser, and If at that moment I look at the option "Client-side
> Active Requests" on the statistics, I can't see anything referring to my
> request
>
> It also takes a lot of time for the request to appear in the access.log
>
> When I have a page request, it doesn't arrive in a short period of time,
> So I stop my browser and resend it, and it arrives quickly the second
> time.
>
> Is there something wrong with my squid.conf or my kernel configuration.
> Any suggestions of where to look or what to change to improve
> performance?
>
> How can I determine if it is a matter of DNS response or squid
> congestion or simply a delay related to the page requested itself?
>
> Thanks in advance for the help.
>
> My squid.conf is there:
> authenticate_cache_garbage_interval 3600 seconds
> authenticate_ttl 3600 seconds
> authenticate_ip_ttl 0 seconds
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1
> acl to_localhost dst 0.0.0.0 127.0.0.0/255.0.0.0
> acl mynet src "/etc/squid/mynet" ###### allow over 400 Ips
> acl snmppublic snmp_community proxy
> acl administrador src "/etc/squid/administradores" ###### only 3 Ips
> acl SSL_ports port 443
> acl Safe_ports port 80 81 21 443 70 210 1025-65535 280 488 591 777
> acl CONNECT method CONNECT
> http_access Allow manager administrador
> http_access Deny manager
> http_access Deny !Safe_ports
> http_access Deny CONNECT !SSL_ports
> http_access Allow mynet
> http_access Deny all
> icp_access Allow mynet
> icp_access Deny all
> htcp_access Allow mynet
> htcp_access Deny all
> htcp_clr_access Deny all
> ident_lookup_access Deny all
> http_port 0.0.0.0:3128
> dead_peer_timeout 10 seconds
> hierarchy_stoplist cgi-bin
> hierarchy_stoplist ?
> cache_mem 33554432 bytes
> maximum_object_size_in_memory 8192 bytes
> memory_replacement_policy lru
> cache_replacement_policy lru
> cache_dir ufs /var/spool/squid/cache 80000 16 256 IOEngine=Blocking
> store_dir_select_algorithm least-load
> max_open_disk_fds 0
> minimum_object_size 0 bytes
> maximum_object_size 4194304 bytes
> cache_swap_low 90
> cache_swap_high 95
> access_log /var/log/squid/access.log squid
> cache_log /var/log/squid/cache.log
> cache_store_log /var/log/squid/store.log
> logfile_rotate 9
> emulate_httpd_log off
> log_ip_on_direct on
> mime_table /etc/squid/mime.conf
> log_mime_hdrs off
> pid_filename /var/run/squid.pid
> debug_options ALL,1
> log_fqdn off
> client_netmask 255.255.255.255
> strip_query_terms on
> buffered_logs off
> ftp_user anonymous_at_XXX.com.ar
> ftp_list_width 32
> ftp_passive on
> ftp_sanitycheck on
> ftp_telnet_protocol on
> diskd_program /usr/libexec/diskd
> unlinkd_program /usr/libexec/unlinkd
> url_rewrite_children 5
> url_rewrite_concurrency 0
> url_rewrite_host_header on
> url_rewrite_bypass off
> refresh_pattern ^ftp: 1440 20% 10080
>
> refresh_pattern ^gopher: 1440 0% 1440
>
> refresh_pattern (cgi-bin|\?) 0 0% 0
>
> refresh_pattern . 0 20% 4320
>
> quick_abort_min 16 KB
> quick_abort_max 16 KB
> quick_abort_pct 95
> read_ahead_gap 16384 bytes
> negative_ttl 300 seconds
> positive_dns_ttl 21600 seconds
> negative_dns_ttl 60 seconds
> range_offset_limit 0 bytes
> minimum_expiry_time 60 seconds
> store_avg_object_size 13 KB
> store_objects_per_bucket 20
> request_header_max_size 20480 bytes
> reply_header_max_size 20480 bytes
> request_body_max_size 0 bytes
> chunked_request_body_max_size 65536 bytes
> via on
> ie_refresh off
> vary_ignore_expire off
> request_entities off
> relaxed_header_parser on
> forward_timeout 240 seconds
> connect_timeout 60 seconds
> peer_connect_timeout 30 seconds
> read_timeout 900 seconds
> request_timeout 300 seconds
> persistent_request_timeout 120 seconds
> client_lifetime 86400 seconds
> half_closed_clients off
> pconn_timeout 60 seconds
> ident_timeout 10 seconds
> shutdown_lifetime 30 seconds
> cache_mgr soporte_at_XXX.com.ar
> mail_program mail
> cache_effective_user squid
> cache_effective_group squid
> httpd_suppress_version_string off
> visible_hostname proxy134.XXX.com.ar
> umask 23
> announce_period 31536000 seconds
> announce_host tracker.ircache.net
> announce_port 3131
> delay_pools 0
> delay_initial_bucket_level 50
> wccp_router 0.0.0.0
> wccp_version 4
> wccp2_rebuild_wait on
> wccp2_forwarding_method 1
> wccp2_return_method 1
> wccp2_assignment_method 1
> wccp2_service standard 0
> wccp2_weight 10000
> wccp_address 0.0.0.0
> wccp2_address 0.0.0.0
> client_persistent_connections on
> server_persistent_connections on
> persistent_connection_after_error off
> detect_broken_pconn off
> snmp_port 3401
> snmp_access Allow snmppublic localhost
> snmp_access Deny all
> snmp_incoming_address 0.0.0.0
> snmp_outgoing_address 255.255.255.255
> icp_port 3130
> htcp_port 0
> log_icp_queries on
> udp_incoming_address 0.0.0.0
> udp_outgoing_address 255.255.255.255
> icp_hit_stale off
> minimum_direct_hops 4
> minimum_direct_rtt 400
> netdb_low 900
> netdb_high 1000
> netdb_ping_period 300 seconds
> query_icmp off
> test_reachability off
> icp_query_timeout 0
> maximum_icp_query_timeout 2000
> minimum_icp_query_timeout 5
> background_ping_rate 10 seconds
> mcast_icp_query_timeout 2000
> icon_directory /usr/share/icons
> global_internal_static on
> short_icon_urls on
> error_directory /usr/share/errors/templates
> err_html_text
> email_err_data on
> nonhierarchical_direct on
> prefer_direct off
> incoming_icp_average 6
> incoming_http_average 4
> incoming_dns_average 4
> min_icp_poll_cnt 8
> min_dns_poll_cnt 8
> min_http_poll_cnt 8
> tcp_recv_bufsize 0 bytes
> check_hostnames off
> allow_underscore on
> dns_retransmit_interval 5 seconds
> dns_timeout 120 seconds
> dns_defnames off
> hosts_file /etc/hosts
> dns_testnames netscape.com
> dns_testnames internic.net
> dns_testnames nlanr.net
> dns_testnames microsoft.com
> ignore_unknown_nameservers on
> ipcache_size 1024
> ipcache_low 90
> ipcache_high 95
> fqdncache_size 1024
> memory_pools on
> memory_pools_limit 5242880 bytes
> forwarded_for on
> cachemgr_passwd XXXXXXXXXX all
> client_db on
> refresh_all_ims off
> reload_into_ims off
> maximum_single_addr_tries 1
> retry_on_error off
> as_whois_server whois.ra.net
> offline_mode off
> uri_whitespace strip
> coredump_dir /var/spool/squid/cache
> balance_on_multiple_ip on
> pipeline_prefetch off
> high_response_time_warning 0
> high_page_fault_warning 0
> high_memory_warning 0 bytes
> sleep_after_fork 0
> windows_ipaddrchangemonitor on
>
> --
> Lic. Mariel Sebedio
> Division Computos y Sistemas
> Tel (02944)-445400 int 2307
> INVAP S.E. - www.invap.com.ar
>
>

-- 
-george william herbert
george.herbert_at_gmail.com