On Wed, 14 Dec 2011 13:22:38 -0200, Wladner Klimach wrote:
> Hello,
>
> i'm running squid with kerberos authentication. The problem is that
> it's runing too slow. Looks like squid is negotiating with AD every
> URL it tries to get. Anyone could point me a way out?
A few things:
* Double-check that you have connection persistence (keep-alive)
operating on all connections (both client and server).
* Ensure that your squid is as recent as you can use, we have had
ongoing small fixes to improve persistence across all releases this past
year.
* Check that the auth packets are not failing over into NTLM or older
protocols in apps which are supposed to be on Kerberos.
* Maybe also check that DNS lookups Kerberos depends on for DC
location are responding fast with reasonable TTL.
Amos
Received on Wed Dec 14 2011 - 22:50:39 MST
This archive was generated by hypermail 2.2.0 : Mon Dec 19 2011 - 12:00:03 MST