On Wed, 17 Aug 2011 09:14:44 +0930, Brett Lymn wrote:
> On Wed, Aug 17, 2011 at 11:30:39AM +1200, Amos Jeffries wrote:
>>
>> If you need something more dynamic or real-time, use
>> external_acl_type
>> to run a script.
>>
>
> Out of interest, what are the performance implications of doing this?
> Are the external_acl_type scripts like other helpers and forked at
> startup?
Yes. Just like auth helpers. With the same types of impact as Basic
auth when the credentials are given.
Performance on individual requests is directly slower by the amount of
lookup time, as you would expect. These are cached for some TTL value
(configurable). sso impact is variable relative to the permutations for
input format passed to the helper.
Overall Squid speed has very little performance impact. Since the
requests are handled in parallel one left waiting simply frees up CPU
for others. But the FD and RAM usage are related to total request
handling time. So their requirements are relative to the response speed
of the script. You don't want it taking many seconds/minutes to respond.
Then there are the malloc implementations that explode virtual memory
whenever fork() is run by a large in-RAM process like Squid.
Amos
Received on Wed Aug 17 2011 - 00:04:17 MDT
This archive was generated by hypermail 2.2.0 : Wed Aug 17 2011 - 12:00:02 MDT