If you have 14 GB physical memory, it is not recommended to set cache_mem 14 GB.
See the FAQ for more details:
http://wiki.squid-cache.org/SquidFaq/SquidMemory
Marcus
On 07/20/2012 10:17 AM, Guido Marino Lorenzutti wrote:
> Hi people!
> Im running 3.1.20 with ntlm and it works much better! I was using squid 2.7 and the ntlm was much slower.
>
> What I'm seeing strange is that the use of memory for cache is very low. Any suggestion to improve the use of my 14GB of ram ?
>
> This is my squid.conf:
>
> external_acl_type ldap_group ttl=1200 children=4 %LOGIN /usr/lib/squid3/squid_ldap_group -b "ou=Group,dc=SARASA,dc=COM" -f "(&(cn=%a)(memberuid=%v)(objectClass=posixgroup))" -h 100.0.0.1 -v3 -S -P
>
> cache_dir aufs /var/spool/squid3 28000 16 256
>
> cache_mem 14 GB
>
> visible_hostname proxy.sarasa.com
>
> acl lan src 100.0.0.0/16
>
> auth_param ntlm children 100 startup=0 idle=1
> auth_param basic children 5 startup=0 idle=1
>
> refresh_pattern ^http://.*\.facebook.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims
>
> http_port 3128
> log_fqdn off
> cache_store_log none
> cache_log /var/log/squid3/cache_log.log
> access_log /var/log/squid3/access.log
> emulate_httpd_log on
>
> log_mime_hdrs off
> nonhierarchical_direct off
> prefer_direct on
> strip_query_terms on
> httpd_suppress_version_string on
>
> auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --domain=SARASA
> auth_param ntlm keep_alive on
> authenticate_ttl 240 seconds
> authenticate_ip_ttl 10 minutes
> authenticate_cache_garbage_interval 2 hours
>
> auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --domain=SARASA
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
>
> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
> refresh_pattern . 0 20% 4320
>
> negative_ttl 5 minutes
> positive_dns_ttl 5 hours
> negative_dns_ttl 1 minutes
> half_closed_clients off
> connect_timeout 3 seconds
> cache_swap_low 85
> cache_swap_high 95
> maximum_object_size 800 MB
> maximum_object_size_in_memory 2 MB
> request_body_max_size 10 MB
> request_header_max_size 128 KB
> fqdncache_size 6144
> cache_replacement_policy heap lfuda
> memory_replacement_policy lru
> pipeline_prefetch off
> client_persistent_connections on
> server_persistent_connections on
>
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
>
> acl all src all
>
> acl govar dstdomain "/etc/squid3/accepted.govar"
> acl nomsnurl dstdomain "/etc/squid3/nomsn"
> acl accepted_dominios dstdomain "/etc/squid3/accepted.dominios"
> acl accepted_ips dst "/etc/squid3/accepted.ips"
> acl accepted_urls url_regex -i "/etc/squid3/accepted.urls"
> acl activate_ms url_regex -i "/etc/squid3/activate.ms"
>
> acl denied_dominios dstdomain "/etc/squid3/denied.dominios"
> acl denied_dominios_para_todos dstdomain "/etc/squid3/denied.dominios.para.todos"
> acl denied_expresiones url_regex -i "/etc/squid3/denied.expresiones"
> acl denied_promos url_regex -i "/etc/squid3/block.ads"
> acl denied_archivos urlpath_regex -i "/etc/squid3/denied.archivos"
> acl denied_ips dst "/etc/squid3/denied.ips"
>
> acl manager proto cache_object
> acl localhost src 127.0.0.1
> acl SSL_MS_ports port 443 8443
> acl SSL_ports port 443 563 1863 6667 4430 8443
> acl Safe_ports port 21
> acl Safe_ports port 80
> acl Safe_ports port 443 563
> acl Safe_ports port 631
> acl Safe_ports port 3000
> acl Safe_ports port 8181
> acl Safe_ports port 1024
> acl Safe_ports port 8087
> acl Safe_ports port 2401
> acl Safe_ports port 9418
> acl Safe_ports port 14534
> acl Safe_ports port 873
> acl Safe_ports port 2095
> acl Safe_ports port 8080 2480 8443 8180 1741
> acl Safe_ports port 10080
>
> acl Full_ports port 8081
> acl Full_ports port 8180
> acl Full_ports port 8181
> acl Full_ports port 8090
> acl Full_ports port 10000
> acl Full_ports port 8383
> acl Full_ports port 2280
> acl Full_ports port 2288
> acl Full_ports port 21
> acl Full_ports port 20
> acl Full_ports port 5900
> acl Full_ports port 2082
> acl Full_ports port 19638
> acl Full_ports port 2082
> acl Full_ports port 2095
> acl Full_ports port 9001
> acl Full_ports port 8443
> acl Full_ports port 1741
>
> acl auth proxy_auth REQUIRED
> acl noinet external ldap_group noinet
> acl fullinet external ldap_group fullinet
> acl linuxadmin external ldap_group linuxadmin
> acl nomsn external ldap_group nomsn
> acl nofacebook external ldap_group nofacebook
> acl facebook_domain dstdomain .facebook.com
> acl teamviewer browser DynGate
> acl teamviewersite dstdomain .teamviewer.com
>
> acl CONNECT method CONNECT
> acl PURGE method PURGE
>
> acl java_jvm browser Java/1.3 Java/1.4 Java/1.5 Java/1.6
>
> http_access allow PURGE localhost
> http_access deny PURGE
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_MS_ports
> http_access allow localhost
>
> http_access allow activate_ms
> http_access deny teamviewer
> http_access deny teamviewersite
>
> http_access deny denied_dominios_para_todos
> http_access allow fullinet lan
> http_access allow fullinet Full_ports
> http_access allow linuxadmin all
> http_access allow accepted_dominios
> http_access allow accepted_ips
> http_access allow accepted_urls
> http_access allow govar
> http_access allow java_jvm
> http_access deny noinet all
>
> http_access deny denied_ips
> http_access deny denied_archivos
> http_access deny denied_expresiones
> http_access deny denied_dominios
> http_access deny nomsn nomsnurl
> http_access deny nofacebook facebook_domain
>
> http_access allow auth lan
>
> http_access deny all
> icp_access deny all
>
> acl delayed_pages url_regex -i "/etc/squid3/delayed_pages"
> delay_pools 1
> delay_class 1 1
> delay_parameters 1 16000/32000
> delay_access 1 allow !linuxadmin delayed_pages
>
> acl snmppublic snmp_community public
> snmp_port 3401
> snmp_access allow snmppublic localhost
> snmp_access deny all
> snmp_incoming_address 0.0.0.0
> snmp_outgoing_address 255.255.255.255
>
>
> And... this is my squidclient mgr:info
>
> Connection information for squid:
> Number of clients accessing cache: 61
> Number of HTTP requests received: 2550426
> Number of ICP messages received: 0
> Number of ICP messages sent: 0
> Number of queued ICP replies: 0
> Number of HTCP messages received: 0
> Number of HTCP messages sent: 0
> Request failure ratio: 0.00
> Average HTTP requests per minute since start: 4041.7
> Average ICP messages per minute since start: 0.0
> Select loop called: 59882415 times, 0.632 ms avg
> Cache information for squid:
> Hits as % of all requests: 5min: 6.9%, 60min: 7.0%
> Hits as % of bytes sent: 5min: 63.4%, 60min: 58.5%
> Memory hits as % of hit requests: 5min: 8.0%, 60min: 15.8%
> Disk hits as % of hit requests: 5min: 21.3%, 60min: 31.3%
> Storage Swap size: 24371196 KB
> Storage Swap capacity: 85.0% used, 15.0% free
> Storage Mem size: 365584 KB
> Storage Mem capacity: 2.5% used, 97.5% free
> Mean Object Size: 25.85 KB
> Requests given to unlinkd: 0
> Median Service Times (seconds) 5 min 60 min:
> HTTP Requests (All): 0.00091 0.00091
> Cache Misses: 0.27332 0.32154
> Cache Hits: 0.00562 0.00562
> Near Hits: 0.03066 0.06286
> Not-Modified Replies: 0.00179 0.00286
> DNS Lookups: 0.14912 0.22276
> ICP Queries: 0.00000 0.00000
> Resource usage for squid:
> UP Time: 37862.000 seconds
> CPU Time: 5896.256 seconds
> CPU Usage: 15.57%
> CPU Usage, 5 minute avg: 46.89%
> CPU Usage, 60 minute avg: 48.09%
> Process Data Segment Size via sbrk(): 642400 KB
> Maximum Resident Size: 2564880 KB
> Page faults with physical i/o: 0
> Memory usage for squid via mallinfo():
> Total space in arena: 642532 KB
> Ordinary blocks: 640345 KB 481 blks
> Small blocks: 0 KB 0 blks
> Holding blocks: 37412 KB 11 blks
> Free Small blocks: 0 KB
> Free Ordinary blocks: 2186 KB
> Total in use: 677758 KB 100%
> Total free: 2186 KB 0%
> Total size: 679944 KB
> Memory accounted for:
> Total accounted: 555509 KB 82%
> memPool accounted: 555508 KB 82%
> memPool unaccounted: 124435 KB 18%
> memPoolAlloc calls: 554345828
> memPoolFree calls: 554714271
> File descriptor usage for squid:
> Maximum number of file descriptors: 65535
> Largest file desc currently in use: 1283
> Number of file desc currently in use: 933
> Files queued for open: 0
> Available number of file descriptors: 64602
> Reserved number of file descriptors: 100
> Store Disk files open: 0
> Internal Data Structures:
> 943411 StoreEntries
> 17758 StoreEntries with MemObjects
> 17733 Hot Object Cache Items
> 942951 on-disk objects
>
>
> Tnxs in advance.
>
>
>
Received on Fri Jul 20 2012 - 13:53:55 MDT
This archive was generated by hypermail 2.2.0 : Fri Jul 20 2012 - 12:00:01 MDT