Re: [squid-users] Requests through proxy take 4x+ longer than direct to the internet

David Parks wrote:
> Ah brilliant, thank you for passing this link along, it's very helpful!
>
> Question then: Does the proxy server have a similar functionality as the
> browser, that of limiting concurrent requests to a given domain (as
> described in this article)?

Not certain about other proxies.

Squid does not limit server connections AFAIK.

Client connectinos can be limited with maxconn ACL or in newer releases
you also have a limit you can set on total connections for each client IP.

>
> What I want to know really is: Can I have my users bump up the number of
> connections to the proxy server, or, by doing so, do I risk the proxy server
> flooding a site and getting the proxies IP blocked?

It's a risk yes. Squid will use as many server-facing connections as
needed to meet the client demand. So simultaneously concurrent client
connections is a problem even if you only have one connection per client.

Making sure persistent connections on server side is enabled makes the
total connection count drop dramatically for working HTTP/1.1 servers.

To be extra sure make sure the x-forwarded-for and via are working
correctly and the sites can tell you are a proxy serving many clients.
The strict but reasonable sites like wikipedia will detect that and
measure against each client individually.

>
> What solutions have been employed in other scenarios, or are proxy servers
> just inherently slower than direct connections due to this concurrent
> connection issue?
>
> Thanks,
> David
>
>
>
> -----Original Message-----
> From: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
> Sent: Friday, March 19, 2010 1:06 AM
> To: squid-users_at_squid-cache.org
> Subject: Re: [squid-users] Requests through proxy take 4x+ longer than
> direct to the internet
>
> David Parks wrote:
>> Hi, I set up a dev instance of squid on my windows system.
>>
>> I've configured 2 browsers (Chrome & Firefox), chrome direct to the
>> internet, firefox through the locally running instance of squid.
>>
>> I expected similar response times from the two browsers, but I
>> consistently see firefox (configured to proxy through squid) takes 4x+
> longer.
>> Below are the logs showing response times from a hit on yahoo.com, the
>> chrome browser opened the page in ~<2 seconds.
>>
>> I have used the windows binaries of squid and configured digest
>> password authentication, everything else (other than default port) is
>> left as default in the config file.
>>
>> After doing a packet capture I noted the following behavior:
>>
>> - When going through the proxy: 9 GET requests are made, and 9 HTTP
>> responses are received in a reasonable time period (<2sec)
>> - After the 9th HTTP response is sent, there is a 4 second delay
>> until the next GET request is made
>> - Then 6 GET requests are made, and 6 HTTP responses are received
>> in a reasonable amount of time.
>> - After the 6th GET request in this second group there is a 5
>> second delay until the next GET request is made.
>> - This pattern repeats its self when the proxy is in use.
>> - This pattern does not occur when I am not connected through the
> proxy.
>> Any thoughts on this behavior?
>>
>
> This blog article explains the issues involved:
>
> http://www.stevesouders.com/blog/2008/03/20/roundup-on-parallel-connections/
>
> Amos
> --
> Please be using
> Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25
> Current Beta Squid 3.1.0.18
>
>

-- 
Please be using
   Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25
   Current Beta Squid 3.1.0.18