[squid-users] Squid Deployment for ISP's

From: Ananth <ananth.br_at_gmail.com>
Date: Fri, 16 Apr 2010 16:57:42 +0200

Dear Team,

 I have configure squid 3.1 on Fedora core 12.

my hardware configuration:

CPU INFO: Intel(R) Xeon(R) CPU E5440 @ 2.83GHz
RAM : 8 GB
HDD : 160 GB

The problem i m facing is when my http requests are above 130 hist per
second the pages start browsing slow and time out i cant even access
cachemanager. if the http hit rate is below 130 hist per second it
fine. please check if my configuration is correct. sorry for my poor
english.

Thanks,
Ananth B.R.

my configuration is as fallows:

########### Start of squid.conf #created by ANANTH#############
cache_effective_user squid
cache_effective_group squid

http_port 3128 transparent

cache_dir ufs /var/spool/squid 16384 16 256

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
logfile_rotate 7
emulate_httpd_log on

cache_mem 2 GB
maximum_object_size_in_memory 512 KB
memory_replacement_policy lru
cache_replacement_policy lru
maximum_object_size 64 MB

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

hosts_file /etc/hosts

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 40% 4320

#acl all src 0.0.0.0/0

##Define your network below

acl mynetwork src 192.168.106.0/24 # cbinetwork private
acl mynetwork src 192.168.107.0/24 # cbinetwork private
acl mynetwork src 192.168.110.0/24 # cbinetwork private
acl mynetwork src 192.168.120.0/24 # cbinetwork private
acl mynetwork src 192.168.121.0/24 # cbinetwork private
acl mynetwork src 192.168.130.0/24 # cbinetwork private
acl mynetwork src 192.168.150.0/24 # cbinetwork private
acl mynetwork src 192.168.151.0/24 # cbinetwork private
acl mynetwork src 10.100.101.0/24 # cbinetwork private
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl localhost src ::1/128
acl to_localhost dst 127.0.0.0/8
acl to_localhost dst ::1/128
acl purge method PURGE
acl CONNECT method CONNECT

acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https

acl Safe_ports port 1025-65535 #unregistered ports

acl SSL_ports port 443 563

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow localhost
http_access allow mynetwork
# http_access deny all
http_reply_access allow all
icp_access allow mynetwork

# icp_access deny all

visible_hostname proxy.xxx.xx

coredump_dir /var/spool/squid

######## End of squid.conf ##########
Received on Fri Apr 16 2010 - 14:57:54 MDT

This archive was generated by hypermail 2.2.0 : Sat Apr 17 2010 - 12:00:05 MDT