Re: [squid-users] Squid Deployment for ISP's

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 17 Apr 2010 15:35:48 +1200

Ananth wrote:
> Dear Team,
>
> I have configured squid 3.1 on Fedora core 12.
>
> my hardware configuration:
>
> CPU INFO: Intel(R) Xeon(R) CPU E5440 @ 2.83GHz
> RAM : 8 GB
> HDD : 160 GB
>
> The problem I'm facing is when my http requests are above 130 hits per
> second the pages start browsing slow and time out; I can't even access
> cachemanager. If the http hit rate is below 130 hits per second it's
> fine. Please check if my configuration is correct. Sorry for my poor
> English.
>
> Thanks,
> Ananth B.R.
>

Looks fairly good. There are a few tweaks I'll mention inline.

> my configuration is as follows:
>
> ########### Start of squid.conf #created by ANANTH#############
> cache_effective_user squid
> cache_effective_group squid
>
> http_port 3128 transparent
>
> cache_dir ufs /var/spool/squid 16384 16 256
>
> cache_access_log /var/log/squid/access.log
> cache_log /var/log/squid/cache.log
> cache_store_log none
> logfile_rotate 7
> emulate_httpd_log on

emulate_httpd_log does a little bit of extra work to generate dates etc.
If you can use the native squid log format it's faster.

"emulate_httpd_log on" is also deprecated in favor of setting the
"custom" format type on access_log lines.

>
> cache_mem 2 GB
> maximum_object_size_in_memory 512 KB

Memory objects are faster than disk ones in Squid and 3.x does not have
the large object size failures that 2.x has.
The more memory stuff you can do in the newer Squid the faster those
requests are done with and new ones can be handled.

> memory_replacement_policy lru
> cache_replacement_policy lru

heap tends to be the replacement policy favored by high-performance
people. It's up to you though.

> maximum_object_size 64 MB
>
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY

Drop the above three lines. They are doing extra work that is not really
needed.

>
> hosts_file /etc/hosts
>
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 40% 4320
>
> #acl all src 0.0.0.0/0
>
> ##Define your network below
>
> acl mynetwork src 192.168.106.0/24 # cbinetwork private
> acl mynetwork src 192.168.107.0/24 # cbinetwork private
> acl mynetwork src 192.168.110.0/24 # cbinetwork private
> acl mynetwork src 192.168.120.0/24 # cbinetwork private
> acl mynetwork src 192.168.121.0/24 # cbinetwork private
> acl mynetwork src 192.168.130.0/24 # cbinetwork private
> acl mynetwork src 192.168.150.0/24 # cbinetwork private
> acl mynetwork src 192.168.151.0/24 # cbinetwork private
> acl mynetwork src 10.100.101.0/24 # cbinetwork private
> acl manager proto cache_object
> acl localhost src 127.0.0.1/32
> acl localhost src ::1/128
> acl to_localhost dst 127.0.0.0/8
> acl to_localhost dst ::1/128
> acl purge method PURGE
> acl CONNECT method CONNECT
>
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
>
> acl Safe_ports port 1025-65535 #unregistered ports
>
> acl SSL_ports port 443 563
>
> http_access allow manager localhost
> http_access deny manager
> http_access allow purge localhost
> http_access deny purge
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
>
> http_access allow localhost
> http_access allow mynetwork
> # http_access deny all

For peak performance I'd order the above lines a little differently and
remove some. Give these a test out:

   http_access deny !Safe_ports
   http_access deny CONNECT !SSL_ports
   http_access allow localhost
   http_access deny manager
   http_access deny purge
   http_access allow mynetwork
   # http_access deny all

> http_reply_access allow all
> icp_access allow mynetwork
>
> # icp_access deny all
>
> visible_hostname proxy.xxx.xx
>
> coredump_dir /var/spool/squid
>
> ######## End of squid.conf ##########

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.1
Received on Sat Apr 17 2010 - 03:35:56 MDT
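
Added example, not part of the original message and not Squid's own code: a small Python model of http_access evaluation (the first line whose ACLs all match wins; with no match the result is the opposite of the last line) that compares the original rule list with the reordered one. The request fields, the sample addresses and ports, and the shortened mynetwork ACL are assumptions of this model.

```python
from ipaddress import ip_address, ip_network
from itertools import product

# ACLs from the quoted squid.conf (mynetwork shortened to two subnets); the request model is assumed.
MYNET = [ip_network(n) for n in ("192.168.106.0/24", "10.100.101.0/24")]
ACLS = {
    "manager":    lambda r: r["proto"] == "cache_object",
    "localhost":  lambda r: r["src"] in ("127.0.0.1", "::1"),
    "mynetwork":  lambda r: any(ip_address(r["src"]) in n for n in MYNET),
    "purge":      lambda r: r["method"] == "PURGE",
    "CONNECT":    lambda r: r["method"] == "CONNECT",
    "Safe_ports": lambda r: r["port"] in (80, 21, 443) or 1025 <= r["port"] <= 65535,
    "SSL_ports":  lambda r: r["port"] in (443, 563),
}
ORIGINAL = """http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow mynetwork
# http_access deny all"""
REORDERED = """http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny manager
http_access deny purge
http_access allow mynetwork
# http_access deny all"""

def parse(conf):
    """Return [(action, [acl, ...])] for each active (uncommented) http_access line."""
    rows = (line.split("#")[0].split() for line in conf.splitlines())
    return [(w[1], w[2:]) for w in rows if w[:1] == ["http_access"]]

def decide(rules, req):
    """First line whose ACLs all match wins; otherwise the opposite of the last line."""
    for action, names in rules:
        if all(ACLS[n.lstrip("!")](req) != n.startswith("!") for n in names):
            return action
    return "deny" if rules[-1][0] == "allow" else "allow"

def differences():
    """Constructed sample requests on which the two rule lists disagree."""
    srcs, ports = ("127.0.0.1", "192.168.106.20", "203.0.113.9"), (80, 25, 443, 8080)
    kinds = [("http", "GET"), ("http", "CONNECT"), ("http", "PURGE"), ("cache_object", "GET")]
    reqs = [dict(src=s, proto=p, method=m, port=n) for s, (p, m), n in product(srcs, kinds, ports)]
    old, new = parse(ORIGINAL), parse(REORDERED)
    return [(r, decide(old, r), decide(new, r)) for r in reqs if decide(old, r) != decide(new, r)]
```

In this model the two lists disagree only for cache-manager and PURGE requests from localhost aimed at a port outside Safe_ports, which the reordered list denies.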
