Hi,
I'm using squid 3.1.8 on centos 5.4 with 3.8GB RAM and Dual Core
Processor. My swap is been used and 50% of RAM is used by cache &
buffers. Below link has one week's memory & CPU utilization
information in form of graph.
Memory usage --> http://img.myph.us/Cr8.jpg
CPU usage --> http://img.myph.us/PgM.jpg
I'm worried as to why the usage of swap is coming into picture,
logically if Swap is used then I need to increase the RAM but this
machine is serving only 12 users.
My squid.conf is here
auth_param negotiate program /usr/lib/squid/squid_kerb_auth -d -s GSS_C_NO_NAME
auth_param negotiate children 10
auth_param negotiate keep_alive on
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 8
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic credentialsttl 4 hour
auth_param basic casesensitive off
auth_param basic children 7
auth_param basic realm DOMAINNAME
authenticate_cache_garbage_interval 10 seconds
authenticate_ttl 0 seconds
acl ad-auth proxy_auth REQUIRED
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl allow_localnet dst 192.168.110.0/24 192.168.188.0/24
acl allow_localdomain dstdomain .domain.com
acl local_net_dst dst 192.168.117.0/24
acl local_net_src src 192.168.117.0/24
acl Unsafe_Ports port 5050 843 5100 5101 5000-5010 9085
acl Unsafe_Ports port 1863
acl Unsafe_Ports port 5222
acl SSL_ports port 443
acl Safe_ports port 80 53 3268 88 5060 5061 5062 5075 5076 5077 50636
587 50389 58941 110 995 993 143 389 636 119 25 465 135 102 3000 #
http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow localhost allow_localnet allow_localdomain
http_access allow manager localhost
http_access allow ad-auth
http_access deny manager
http_access deny Unsafe_Ports !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
redirect_program /usr/local/bin/squidGuard -c
/usr/local/squidGuard/squidGuard.conf
redirect_children 15
icp_access deny all
htcp_access deny all
http_port 3128
cache_mem 128 MB
cache_dir aufs /var/squid/cache 128 16 256
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320
icp_port 3130
pipeline_prefetch off
#delay_pools 2
#delay_class 1 4
#delay_class 2 4
#delay_access 1 allow local_net_src
#delay_access 2 allow local_net_dst
#delay_parameters 1 -1/-1 -1/-1 -1/-1 51200/51200
#delay_parameters 2 -1/-1 -1/-1 -1/-1 -1/-1
#delay_initial_bucket_level 75
httpd_suppress_version_string on
forwarded_for off
hosts_file /etc/hosts
cache_replacement_policy heap LFUDA
cache_swap_low 90
cache_swap_high 95
maximum_object_size_in_memory 50 KB
memory_pools off
maximum_object_size 50 MB
quick_abort_min 0 KB
quick_abort_max 0 KB
log_icp_queries off
client_db off
buffered_logs on
half_closed_clients off
I had delay pools but I later disabled them as well.
Received on Sun Jun 26 2011 - 09:24:19 MDT
This archive was generated by hypermail 2.2.0 : Sun Jun 26 2011 - 12:00:02 MDT
