NTLM kills performance. I have the same problem. Any ideas are welcome.
Kevin Blackwell <akblackwel_at_gmail.com> escribió:
> 1. NAT interception going on? or browser proxy configuration settings?
>
> According to this page
> http://wiki.squid-cache.org/ConfigExamples/Intercept/AtSource
>
> No
>
> 2. What Squid version?
>
> Squid Cache: Version 2.6.STABLE21
>
> 3. is DNS working properly and fast for the proxy?
> I think so. DNS Lookups: 0.01609 0.01396
>
> 4. Is your test conclusive? (same browser version in all tests,
> measuring only one same object timing)
>
> Same version of Firefox with firebug
>
> Both from a Windows 2003 server.
>
> What configuration for access controls?
>
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 80 8200
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> #acl authuser proxy_auth REQUIRED
> acl 40_auth external nt_group Hoffman # group in AD
> acl adm_auth external nt_group Administrator # group in AD
> acl 100_auth external nt_group Corp # group in AD
> acl 10_auth external nt_group Acme # group in AD
> acl 20_auth external nt_group Armstrongs # group in AD
> acl 30_auth external nt_group Hardware Sales # group in AD
> acl 50_auth external nt_group Canada # group in AD
> acl 80_auth external nt_group West # group in AD
> acl ups_auth external nt_group UPS Computers # Computers group
>
> I'm doing NTLM. Hope that's not the performance issue cause logging is
> important to us, but not at the cost of performance.
>
> Thanks in advance.
>
> On Wed, Mar 31, 2010 at 5:24 PM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
>> Kevin Blackwell wrote:
>>>
>>> OK,
>>>
>>> I will accept that a browser behind a proxy is going to load the pages
>>> slower then a browser in front of the proxy.
>>>
>>> But I need to trim some time on the page load.
>>>
>>> I installed firebug. It can report load times of web pages.
>>>
>>> http;//www.google.com will be example.
>>>
>>> If I test on my local PC I get
>>> 737ms(onload 680ms)
>>>
>>> In a browser on the same network as the computers behind proxy but not
>>> using proxy.
>>> 766ms (onload 638ms)
>>>
>>> But on a terminal server behind the proxy I get
>>> 7.78s (onload 5.86s)
>>>
>>> That is a huge difference.
>>>
>>> Anyone have any thoughts on trimming that down?
>>>
>>
>> NAT interception going on? or browser proxy configuration settings?
>>
>> What Squid version?
>>
>> Is DNS working properly and fast for the proxy?
>>
>> Is your test conclusive? (same browser version in all tests, measuring only
>> one same object timing)
>>
>> What configuration for access controls?
>>
>>
>> Just some of many questions needing details for the answer to your question.
>>
>> Amos
>> --
>> Please be using
>> Current Stable Squid 2.7.STABLE9 or 3.1.1
>>
>
>
>
> --
> Kevin Blackwell
>
Received on Wed Mar 31 2010 - 22:46:01 MDT
This archive was generated by hypermail 2.2.0 : Thu Apr 01 2010 - 12:00:05 MDT