Re: [squid-users] Low memory usage

From: Guido Marino Lorenzutti <glorenzutti_at_jusbaires.gov.ar>
Date: Fri, 20 Jul 2012 11:00:29 -0300

I have 18GB of physical memory.

Marcus Kool <marcus.kool_at_urlfilterdb.com> escribió:

> If you have 14 GB physical memory, it is not recommended to set
> cache_mem 14 GB.
> See the FAQ for more details:
> http://wiki.squid-cache.org/SquidFaq/SquidMemory
>
> Marcus
>
>
> On 07/20/2012 10:17 AM, Guido Marino Lorenzutti wrote:
>> Hi people!
>> Im running 3.1.20 with ntlm and it works much better! I was using
>> squid 2.7 and the ntlm was much slower.
>>
>> What I'm seeing strange is that the use of memory for cache is very
>> low. Any suggestion to improve the use of my 14GB of ram ?
>>
>> This is my squid.conf:
>>
>> external_acl_type ldap_group ttl=1200 children=4 %LOGIN
>> /usr/lib/squid3/squid_ldap_group -b "ou=Group,dc=SARASA,dc=COM" -f
>> "(&(cn=%a)(memberuid=%v)(objectClass=posixgroup))" -h 100.0.0.1 -v3
>> -S -P
>>
>> cache_dir aufs /var/spool/squid3 28000 16 256
>>
>> cache_mem 14 GB
>>
>> visible_hostname proxy.sarasa.com
>>
>> acl lan src 100.0.0.0/16
>>
>> auth_param ntlm children 100 startup=0 idle=1
>> auth_param basic children 5 startup=0 idle=1
>>
>> refresh_pattern ^http://.*\.facebook.*/.* 720 100% 10080
>> override-expire override-lastmod reload-into-ims
>>
>> http_port 3128
>> log_fqdn off
>> cache_store_log none
>> cache_log /var/log/squid3/cache_log.log
>> access_log /var/log/squid3/access.log
>> emulate_httpd_log on
>>
>> log_mime_hdrs off
>> nonhierarchical_direct off
>> prefer_direct on
>> strip_query_terms on
>> httpd_suppress_version_string on
>>
>> auth_param ntlm program /usr/bin/ntlm_auth
>> --helper-protocol=squid-2.5-ntlmssp --domain=SARASA
>> auth_param ntlm keep_alive on
>> authenticate_ttl 240 seconds
>> authenticate_ip_ttl 10 minutes
>> authenticate_cache_garbage_interval 2 hours
>>
>> auth_param basic program /usr/bin/ntlm_auth
>> --helper-protocol=squid-2.5-basic --domain=SARASA
>> auth_param basic realm Squid proxy-caching web server
>> auth_param basic credentialsttl 2 hours
>>
>> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
>> refresh_pattern . 0 20% 4320
>>
>> negative_ttl 5 minutes
>> positive_dns_ttl 5 hours
>> negative_dns_ttl 1 minutes
>> half_closed_clients off
>> connect_timeout 3 seconds
>> cache_swap_low 85
>> cache_swap_high 95
>> maximum_object_size 800 MB
>> maximum_object_size_in_memory 2 MB
>> request_body_max_size 10 MB
>> request_header_max_size 128 KB
>> fqdncache_size 6144
>> cache_replacement_policy heap lfuda
>> memory_replacement_policy lru
>> pipeline_prefetch off
>> client_persistent_connections on
>> server_persistent_connections on
>>
>> hierarchy_stoplist cgi-bin ?
>> acl QUERY urlpath_regex cgi-bin \?
>> no_cache deny QUERY
>>
>> acl all src all
>>
>> acl govar dstdomain "/etc/squid3/accepted.govar"
>> acl nomsnurl dstdomain "/etc/squid3/nomsn"
>> acl accepted_dominios dstdomain "/etc/squid3/accepted.dominios"
>> acl accepted_ips dst "/etc/squid3/accepted.ips"
>> acl accepted_urls url_regex -i "/etc/squid3/accepted.urls"
>> acl activate_ms url_regex -i "/etc/squid3/activate.ms"
>>
>> acl denied_dominios dstdomain "/etc/squid3/denied.dominios"
>> acl denied_dominios_para_todos dstdomain
>> "/etc/squid3/denied.dominios.para.todos"
>> acl denied_expresiones url_regex -i "/etc/squid3/denied.expresiones"
>> acl denied_promos url_regex -i "/etc/squid3/block.ads"
>> acl denied_archivos urlpath_regex -i "/etc/squid3/denied.archivos"
>> acl denied_ips dst "/etc/squid3/denied.ips"
>>
>> acl manager proto cache_object
>> acl localhost src 127.0.0.1
>> acl SSL_MS_ports port 443 8443
>> acl SSL_ports port 443 563 1863 6667 4430 8443
>> acl Safe_ports port 21
>> acl Safe_ports port 80
>> acl Safe_ports port 443 563
>> acl Safe_ports port 631
>> acl Safe_ports port 3000
>> acl Safe_ports port 8181
>> acl Safe_ports port 1024
>> acl Safe_ports port 8087
>> acl Safe_ports port 2401
>> acl Safe_ports port 9418
>> acl Safe_ports port 14534
>> acl Safe_ports port 873
>> acl Safe_ports port 2095
>> acl Safe_ports port 8080 2480 8443 8180 1741
>> acl Safe_ports port 10080
>>
>> acl Full_ports port 8081
>> acl Full_ports port 8180
>> acl Full_ports port 8181
>> acl Full_ports port 8090
>> acl Full_ports port 10000
>> acl Full_ports port 8383
>> acl Full_ports port 2280
>> acl Full_ports port 2288
>> acl Full_ports port 21
>> acl Full_ports port 20
>> acl Full_ports port 5900
>> acl Full_ports port 2082
>> acl Full_ports port 19638
>> acl Full_ports port 2082
>> acl Full_ports port 2095
>> acl Full_ports port 9001
>> acl Full_ports port 8443
>> acl Full_ports port 1741
>>
>> acl auth proxy_auth REQUIRED
>> acl noinet external ldap_group noinet
>> acl fullinet external ldap_group fullinet
>> acl linuxadmin external ldap_group linuxadmin
>> acl nomsn external ldap_group nomsn
>> acl nofacebook external ldap_group nofacebook
>> acl facebook_domain dstdomain .facebook.com
>> acl teamviewer browser DynGate
>> acl teamviewersite dstdomain .teamviewer.com
>>
>> acl CONNECT method CONNECT
>> acl PURGE method PURGE
>>
>> acl java_jvm browser Java/1.3 Java/1.4 Java/1.5 Java/1.6
>>
>> http_access allow PURGE localhost
>> http_access deny PURGE
>> http_access allow manager localhost
>> http_access deny manager
>> http_access deny !Safe_ports
>> http_access deny CONNECT !SSL_MS_ports
>> http_access allow localhost
>>
>> http_access allow activate_ms
>> http_access deny teamviewer
>> http_access deny teamviewersite
>>
>> http_access deny denied_dominios_para_todos
>> http_access allow fullinet lan
>> http_access allow fullinet Full_ports
>> http_access allow linuxadmin all
>> http_access allow accepted_dominios
>> http_access allow accepted_ips
>> http_access allow accepted_urls
>> http_access allow govar
>> http_access allow java_jvm
>> http_access deny noinet all
>>
>> http_access deny denied_ips
>> http_access deny denied_archivos
>> http_access deny denied_expresiones
>> http_access deny denied_dominios
>> http_access deny nomsn nomsnurl
>> http_access deny nofacebook facebook_domain
>>
>> http_access allow auth lan
>>
>> http_access deny all
>> icp_access deny all
>>
>> acl delayed_pages url_regex -i "/etc/squid3/delayed_pages"
>> delay_pools 1
>> delay_class 1 1
>> delay_parameters 1 16000/32000
>> delay_access 1 allow !linuxadmin delayed_pages
>>
>> acl snmppublic snmp_community public
>> snmp_port 3401
>> snmp_access allow snmppublic localhost
>> snmp_access deny all
>> snmp_incoming_address 0.0.0.0
>> snmp_outgoing_address 255.255.255.255
>>
>>
>> And... this is my squidclient mgr:info
>>
>> Connection information for squid:
>> Number of clients accessing cache: 61
>> Number of HTTP requests received: 2550426
>> Number of ICP messages received: 0
>> Number of ICP messages sent: 0
>> Number of queued ICP replies: 0
>> Number of HTCP messages received: 0
>> Number of HTCP messages sent: 0
>> Request failure ratio: 0.00
>> Average HTTP requests per minute since start: 4041.7
>> Average ICP messages per minute since start: 0.0
>> Select loop called: 59882415 times, 0.632 ms avg
>> Cache information for squid:
>> Hits as % of all requests: 5min: 6.9%, 60min: 7.0%
>> Hits as % of bytes sent: 5min: 63.4%, 60min: 58.5%
>> Memory hits as % of hit requests: 5min: 8.0%, 60min: 15.8%
>> Disk hits as % of hit requests: 5min: 21.3%, 60min: 31.3%
>> Storage Swap size: 24371196 KB
>> Storage Swap capacity: 85.0% used, 15.0% free
>> Storage Mem size: 365584 KB
>> Storage Mem capacity: 2.5% used, 97.5% free
>> Mean Object Size: 25.85 KB
>> Requests given to unlinkd: 0
>> Median Service Times (seconds) 5 min 60 min:
>> HTTP Requests (All): 0.00091 0.00091
>> Cache Misses: 0.27332 0.32154
>> Cache Hits: 0.00562 0.00562
>> Near Hits: 0.03066 0.06286
>> Not-Modified Replies: 0.00179 0.00286
>> DNS Lookups: 0.14912 0.22276
>> ICP Queries: 0.00000 0.00000
>> Resource usage for squid:
>> UP Time: 37862.000 seconds
>> CPU Time: 5896.256 seconds
>> CPU Usage: 15.57%
>> CPU Usage, 5 minute avg: 46.89%
>> CPU Usage, 60 minute avg: 48.09%
>> Process Data Segment Size via sbrk(): 642400 KB
>> Maximum Resident Size: 2564880 KB
>> Page faults with physical i/o: 0
>> Memory usage for squid via mallinfo():
>> Total space in arena: 642532 KB
>> Ordinary blocks: 640345 KB 481 blks
>> Small blocks: 0 KB 0 blks
>> Holding blocks: 37412 KB 11 blks
>> Free Small blocks: 0 KB
>> Free Ordinary blocks: 2186 KB
>> Total in use: 677758 KB 100%
>> Total free: 2186 KB 0%
>> Total size: 679944 KB
>> Memory accounted for:
>> Total accounted: 555509 KB 82%
>> memPool accounted: 555508 KB 82%
>> memPool unaccounted: 124435 KB 18%
>> memPoolAlloc calls: 554345828
>> memPoolFree calls: 554714271
>> File descriptor usage for squid:
>> Maximum number of file descriptors: 65535
>> Largest file desc currently in use: 1283
>> Number of file desc currently in use: 933
>> Files queued for open: 0
>> Available number of file descriptors: 64602
>> Reserved number of file descriptors: 100
>> Store Disk files open: 0
>> Internal Data Structures:
>> 943411 StoreEntries
>> 17758 StoreEntries with MemObjects
>> 17733 Hot Object Cache Items
>> 942951 on-disk objects
>>
>>
>> Tnxs in advance.
>>
>>
>>
>
Received on Fri Jul 20 2012 - 14:00:42 MDT

This archive was generated by hypermail 2.2.0 : Fri Jul 20 2012 - 12:00:01 MDT