Re: [squid-users] Squid without cache and high CPU usage from Amos Jeffries on 2013-04-15 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 16 Apr 2013 16:44:01 +1200

On 16/04/2013 7:44 a.m., mkeram wrote:
> Hello,
> I'm using Squid 2.9 stable7 as transparent proxy on Debian 6.0. I have 3 links to 3 ISPs. For now I have max 50mbits squid traffic for 200 users. Users are assigned to proper IP class and each class to proper link to ISP. Traffic is logged not cached on disk. I don't need anything else. Problem is with very high load and CPU usage (70%) of squid process. If I use simple NAT without Squid, CPU usage with this traffic is less than 5%. My machine is old P4 2,8HT 2gb ram, intel network cards.
> My squid configuration:
>
> http_port 192.168.0.100:8080 transparent
>
> acl IP150 src 192.168.1.0/255.255.255.0
> acl IP45 src 192.168.2.0/255.255.255.0
> acl IP10 src 192.168.3.0/255.255.255.224
>
> http_access allow IP150
> http_access allow IP45
> http_access allow IP10
>
> tcp_outgoing_address x.x.x.150 IP150
> udp_outgoing_address x.x.x.150 IP150
> tcp_outgoing_address y.y.y.45 IP45
> udp_outgoing_address y.y.y.45 IP45
> tcp_outgoing_address z.z.z.10 IP10
> udp_outgoing_address z.z.z.10 IP10
>
> error_directory /usr/share/squid-langpack/pl
> half_closed_clients off
>
> acl safe_ports port 80
> acl safe_ports port 443
> http_access deny !safe_ports
>
> acl all src 0.0.0.0/0
> max_filedesc 8192
>
> cache_mem 1000 MB
> maximum_object_size 4096 kB
>
> visible_hostname squid
>
> dns_nameservers 127.0.0.1
>
> cache_dir null /squid/squid-cache
> memory_replacement_policy heap GDSF
>
> cache_access_log /var/log/squid/access.log
> cache_log /var/log/squid/cache.log
> cache_store_log none
> emulate_httpd_log on
>
> log_icp_queries off
>
> ipcache_size 10240
> ipcache_low 90
> ipcache_high 97
>
> fqdncache_size 8192
>
> memory_pools on
> memory_pools_limit 100 MB
>
> Could you please advise waht am I doing wrong how can I fix this?

Squid-2.7 does not contain some memory architectural changes which make
squid-3.x memory caching with large amounts of memory possible.

Also, you have 100 MB of memory pool storing 1000 MB of memory objects.

Also comparing Squid to a NAT router device you will *always* get a far
better result on CPU and packet delivery times. Squid is processing
every packet of a connection for the HTTP protocol information and
possibly re-arranging the protocol messages more efficiently. The NAT
router device is handling only the IP:port TCP headers of packets.

Amos
Received on Tue Apr 16 2013 - 04:44:05 MDT

This archive was generated by hypermail 2.2.0 : Tue Apr 16 2013 - 12:00:04 MDT