RE: [squid-users] [NEED HELP] TPROXY + L2 WCCP + multi cpu

From: Mohsen Dehghani <mdehghani_at_hamyar.net>
Date: Wed, 28 Aug 2013 10:22:24 +0430

Hello,
I think you didn't get my last reply... here is a copy:
Based on your help and this example
http://wiki.squid-cache.org/ConfigExamples/SmpCarpCluster, the following is
my config and access.log.
The problem is that the websites do not load, resulting in a timeout...
It works perfectly when commenting out the cache peer lines. Any help is
appreciated.

#######squid.conf########
# DO change this "somepassword"
cachemgr_passwd somepassword all
#debug_options ALL,9
acl localnet src 178.173.12.70
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

wccp2_router 172.22.122.33
wccp_version 2
wccp2_rebuild_wait off
wccp2_forwarding_method 2
wccp2_return_method 2
wccp2_assignment_method 2
# wccp2_service standard 0
wccp2_service dynamic 80
wccp2_service dynamic 90
wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80
wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80

# basic safety net access controls.
# NOTE that user access and local access controls are all in frontend.conf
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

# 3 workers, using worker #1 as the frontend is important
workers 3
if ${process_number} = 1
include /etc/squid3/frontend.conf
else
include /etc/squid3/backend.conf
endif
http_access allow localnet
http_access deny all

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
#########################################

######frontend.conf#######
http_port 3128
http_port 3129 tproxy
shutdown_lifetime 3 second
# add user authentication and similar options here
http_access allow manager localhost
http_access allow manager all
http_access deny manager

# add backends - one line for each additional worker you configured
# NOTE how the port number matches the kid number
cache_peer localhost parent 4002 0 carp login=PASS name=backend-kid2 no-tproxy
cache_peer localhost parent 4003 0 carp login=PASS name=backend-kid3 no-tproxy

# you want the frontend to have a significant cache_mem
cache_mem 512 MB

# change /tmp to your own log directory, e.g. /var/log/squid
access_log /var/log/squid3/frontend.access.log
cache_log /var/log/squid3/frontend.cache.log

# the frontend requires a different name to the backend(s)
visible_hostname frontend.example.com
http_access allow localhost
#################################################

########backend.conf###########
# each backend must listen on a unique port
# without this the CARP algorithm would be useless
http_port 127.0.0.1:400${process_number}
shutdown_lifetime 3 second
# a 10 GB cache of small (up to 32KB) objects accessible by any backend worker
#cache_dir rock /mnt/cacheRock 10240 max-size=32768
follow_x_forwarded_for allow localhost
# NP: for now AUFS does not support SMP but the CARP algorithm helps reduce object duplications
# a 10 GB cache of large ( over 32KB) objects per-worker
cache_dir aufs /mnt/cache${process_number} 10240 128 128 min-size=32769

# the default maximum cached object size is a bit small
# you want the backend to be able to cache some fairly large objects
maximum_object_size 512 MB

# you want the backend to have a small cache_mem
cache_mem 4 MB

# the backends require a different name to frontends, but can share one
# this prevents forwarding loops between backends while allowing
# frontend to forward via the backend
visible_hostname backend-kid${process_number}

# change /var/log/squid to your own log directory
access_log /var/log/squid3/backend.access.log
cache_log /var/log/squid3/backend.cache.log

# add just enough access permissions to allow the frontend
http_access allow localhost
########################################

#######frontend.log###########
1377506559.692 61025 178.173.12.70 TCP_MISS/503 4201 GET
http://ubuntuforums.org/favicon.ico - CARP/127.0.0.1 text/html
1377506559.692 61025 178.173.12.70 TCP_MISS/503 4252 GET
http://www.tucny.com/favicon.ico - CARP/127.0.0.1 text/html
1377506559.692 61025 178.173.12.70 TCP_MISS/503 4135 GET
http://www.crypt.gen.nz/favicon.ico - CARP/127.0.0.1 text/html
1377506560.528 185790 178.173.12.70 TCP_MISS/503 4234 GET
http://packages.debian.org/jessie/amd64/squid3/download - CARP/127.0.0.1
text/html
1377506569.155 59998 178.173.12.70 TCP_MISS_ABORTED/000 0 GET
http://um10.eset.com/eset_eval/update.ver - CARP/127.0.0.1 -
1377506574.699 183383 178.173.12.70 TCP_MISS/503 4267 GET
http://www.googletagservices.com/tag/js/gpt.js - CARP/127.0.0.1 text/html
1377506590.529 180764 178.173.12.70 TCP_MISS/503 4261 GET
http://cm.g.doubleclick.net/pixel? - CARP/127.0.0.1 text/html
1377506615.522 59941 178.173.12.70 TCP_MISS/503 4150 GET
http://wiki.squid-cache.org/favicon.ico - CARP/127.0.0.1 text/html
1377506618.710 60996 178.173.12.70 TCP_MISS/503 4186 GET
http://devel.squid-cache.org/favicon.ico - CARP/127.0.0.1 text/html
1377506618.710 60990 178.173.12.70 TCP_MISS/503 4170 GET
http://www.pmoghadam.com/favicon.ico - CARP/127.0.0.1 text/html
1377506618.710 61012 178.173.12.70 TCP_MISS/503 4554 GET
http://www.packtpub.com/favicon.ico - CARP/127.0.0.1 text/html
1377506618.710 60996 178.173.12.70 TCP_MISS/503 4358 GET
http://www.netcontractor.pl/favicon.ico - CARP/127.0.0.1 text/html
1377506618.710 60836 178.173.12.70 TCP_MISS/503 4333 GET
http://etutorials.org/favicon.ico - CARP/127.0.0.1 text/html
1377506620.530 60830 178.173.12.70 TCP_MISS/503 4357 GET
http://www.thegeekstuff.com/favicon.ico - CARP/127.0.0.1 text/html
1377506620.530 60660 178.173.12.70 TCP_MISS/503 4187 GET
http://www.web-polygraph.org/favicon.ico - CARP/127.0.0.1 text/html
1377506620.531 60830 178.173.12.70 TCP_MISS/503 4233 GET
http://ubuntuforums.org/favicon.ico - CARP/127.0.0.1 text/html
1377506622.740 241014 178.173.12.70 TCP_MISS/503 5098 GET
http://code.google.com/p/shellinabox/ - CARP/127.0.0.1 text/html
1377506624.744 61206 178.173.12.70 TCP_MISS/503 4284 GET
http://www.tucny.com/favicon.ico - CARP/127.0.0.1 text/html
1377506625.549 240496 178.173.12.70 TCP_MISS/503 4397 GET
http://gravatar.com/avatar/33be8eebf9ff1375eecabb6d45bb84f0/? -
CARP/127.0.0.1 text/html
1377506625.744 240691 178.173.12.70 TCP_MISS/503 4397 GET
http://gravatar.com/avatar/10c08133f930b023f8a29f7aca903ade/? -
CARP/127.0.0.1 text/html
1377506625.744 240691 178.173.12.70 TCP_MISS/503 4397 GET
http://gravatar.com/avatar/bbafaf9e10ccbeadb05132f0907eef62/? -
CARP/127.0.0.1 text/html
1377506629.328 59998 178.173.12.70 TCP_MISS_ABORTED/000 0 GET
http://um16.eset.com/eset_eval/update.ver - CARP/127.0.0.1 -
1377506633.749 241284 178.173.12.70 TCP_MISS/503 7215 GET
http://cisco.112.2o7.net/b/ss/cisco-us,cisco-usprodswitches/1/H.24.3/s64179577133309? - CARP/127.0.0.1 text/html
1377506634.605 820 178.173.12.70 TCP_MISS/200 1650 GET
http://www.cisco.com/favicon.ico - HIER_DIRECT/2.21.32.170 image/x-icon
1377506675.522 59980 178.173.12.70 TCP_MISS/503 4182 GET
http://wiki.squid-cache.org/favicon.ico - CARP/127.0.0.1 text/html
1377506680.531 59983 178.173.12.70 TCP_MISS/503 4187 GET
http://www.web-polygraph.org/favicon.ico - CARP/127.0.0.1 text/html
1377506687.797 61209 178.173.12.70 TCP_MISS/503 5054 GET
http://beacon-1.newrelic.com/1/c7e812077e? - CARP/127.0.0.1 text/html
1377506690.518 61188 178.173.12.70 TCP_MISS/503 4297 GET
http://um16.eset.com/eset_eval/update.ver - CARP/127.0.0.1 text/html
1377506740.805 180167 178.173.12.70 TCP_MISS/503 4178 GET
http://packages.debian.org/favicon.ico - CARP/127.0.0.1 text/html
1377506863.962 241107 178.173.12.70 TCP_MISS/503 5085 GET
http://code.google.com/favicon.ico - CARP/127.0.0.1 text/html
#################################

#############backend.log################

1377506560.528 181935 178.173.12.70 TCP_MISS/503 4100 GET
http://packages.debian.org/jessie/amd64/squid3/download -
HIER_DIRECT/213.165.95.4 text/html
1377506569.155 59998 178.173.12.70 TCP_MISS_ABORTED/000 0 GET
http://um10.eset.com/eset_eval/update.ver - HIER_DIRECT/93.184.71.21 -
1377506574.698 183217 178.173.12.70 TCP_MISS/503 4133 GET
http://www.googletagservices.com/tag/js/gpt.js - HIER_DIRECT/173.194.36.25
text/html
1377506590.529 180754 178.173.12.70 TCP_MISS/503 4127 GET
http://cm.g.doubleclick.net/pixel? - HIER_DIRECT/173.194.36.13 text/html
1377506615.522 59940 178.173.12.70 TCP_MISS/503 4016 GET
http://wiki.squid-cache.org/favicon.ico - HIER_DIRECT/77.93.254.178
text/html
1377506618.708 60994 178.173.12.70 TCP_MISS/503 4052 GET
http://devel.squid-cache.org/favicon.ico - HIER_DIRECT/216.34.181.97
text/html
1377506618.708 60988 178.173.12.70 TCP_MISS/503 4036 GET
http://www.pmoghadam.com/favicon.ico - HIER_DIRECT/79.175.162.79 text/html
1377506618.709 60995 178.173.12.70 TCP_MISS/503 4224 GET
http://www.netcontractor.pl/favicon.ico - HIER_DIRECT/78.46.37.186 text/html
1377506618.709 60835 178.173.12.70 TCP_MISS/503 4199 GET
http://etutorials.org/favicon.ico - HIER_DIRECT/195.234.5.139 text/html
1377506618.709 61011 178.173.12.70 TCP_MISS/503 4420 GET
http://www.packtpub.com/favicon.ico - HIER_DIRECT/83.166.169.231 text/html
1377506620.529 60830 178.173.12.70 TCP_MISS/503 4223 GET
http://www.thegeekstuff.com/favicon.ico - HIER_DIRECT/192.254.201.75
text/html
1377506620.529 60659 178.173.12.70 TCP_MISS/503 4053 GET
http://www.web-polygraph.org/favicon.ico - HIER_DIRECT/209.169.10.130
text/html
1377506620.530 60829 178.173.12.70 TCP_MISS/503 4099 GET
http://ubuntuforums.org/favicon.ico - HIER_DIRECT/91.189.94.12 text/html
1377506622.740 240843 178.173.12.70 TCP_MISS/503 4964 GET
http://code.google.com/p/shellinabox/ - HIER_DIRECT/74.125.236.164 text/html
1377506624.743 61038 178.173.12.70 TCP_MISS/503 4150 GET
http://www.tucny.com/favicon.ico - HIER_DIRECT/74.125.135.121 text/html
1377506625.548 240492 178.173.12.70 TCP_MISS/503 4263 GET
http://gravatar.com/avatar/33be8eebf9ff1375eecabb6d45bb84f0/? -
HIER_DIRECT/72.233.69.5 text/html
1377506625.744 240688 178.173.12.70 TCP_MISS/503 4263 GET
http://gravatar.com/avatar/10c08133f930b023f8a29f7aca903ade/? -
HIER_DIRECT/72.233.69.4 text/html
1377506625.744 240687 178.173.12.70 TCP_MISS/503 4263 GET
http://gravatar.com/avatar/bbafaf9e10ccbeadb05132f0907eef62/? -
HIER_DIRECT/72.233.69.4 text/html
1377506629.328 59995 178.173.12.70 TCP_MISS_ABORTED/000 0 GET
http://um16.eset.com/eset_eval/update.ver - HIER_DIRECT/93.184.71.10 -
1377506633.748 240973 178.173.12.70 TCP_MISS/503 7081 GET
http://cisco.112.2o7.net/b/ss/cisco-us,cisco-usprodswitches/1/H.24.3/s64179577133309? - HIER_DIRECT/66.235.132.232 text/html
1377506674.091 0 :: TCP_DENIED/403 3788 GET
http://backend-kid2:4002/squid-internal-periodic/store_digest - HIER_NONE/-
text/html
1377506675.522 59980 178.173.12.70 TCP_MISS/503 4048 GET
http://wiki.squid-cache.org/favicon.ico - HIER_DIRECT/77.93.254.178
text/html
1377506680.531 59983 178.173.12.70 TCP_MISS/503 4053 GET
http://www.web-polygraph.org/favicon.ico - HIER_DIRECT/209.169.10.130
text/html
1377506687.797 61064 178.173.12.70 TCP_MISS/503 4920 GET
http://beacon-1.newrelic.com/1/c7e812077e? - HIER_DIRECT/50.31.164.168
text/html
1377506690.518 61188 178.173.12.70 TCP_MISS/503 4163 GET
http://um16.eset.com/eset_eval/update.ver - HIER_DIRECT/93.184.71.10
text/html
1377506734.092 0 :: TCP_DENIED/403 3788 GET
http://backend-kid3:4003/squid-internal-periodic/store_digest - HIER_NONE/-
text/html
1377506740.804 180166 178.173.12.70 TCP_MISS/503 4044 GET
http://packages.debian.org/favicon.ico - HIER_DIRECT/82.195.75.113 text/html
1377506863.961 241103 178.173.12.70 TCP_MISS/503 4951 GET
http://code.google.com/favicon.ico - HIER_DIRECT/74.125.236.166 text/html
######################################################

-----Original Message-----
From: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
Sent: Wednesday, August 28, 2013 9:55 AM
To: Mohsen Dehghani
Subject: Re: [squid-users] [NEED HELP] TPROXY + L2 WCCP + multi cpu

On 24/08/2013 6:26 p.m., Mohsen Dehghani wrote:
> Thanks
> But my bandwidth is going to be extended to 2Gbps. Do workers still
> perform better than multi instance?

I'm not sure of the answer to that one, sorry. You are in a quite select
group at present dealing with Gbps traffic rates.
(If you understand Eliezer's response earlier it sounds good, though I'm not
sure I understand the specifics myself yet).

Amos
Received on Wed Aug 28 2013 - 05:52:48 MDT
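
Added example (not part of the original message and not Squid project code): a short Python script that re-joins the mail-wrapped access.log entries quoted above and pairs each 503 the frontend relayed via CARP with the backend's own entry for the same request, so the hop where the time is spent is visible. The function names and the one-second matching window are assumptions made for this example.

```python
import re
from collections import Counter

# Squid native access.log: time elapsed client code/status bytes method URL user hier/peer type
ENTRY = re.compile(
    r"(?P<ts>\d+\.\d{3}) (?P<ms>\d+) (?P<client>\S+) (?P<code>\w+)/(?P<status>\d{3}) "
    r"\d+ \S+ (?P<url>\S+) \S+ (?P<hier>\w+)/(?P<peer>\S+) \S+")

def parse(text):
    """Re-join mail-wrapped lines (an entry starts with an epoch timestamp), then parse."""
    entries = []
    for chunk in re.split(r"\n(?=\d{10}\.\d{3} )", text.strip()):
        m = ENTRY.fullmatch(" ".join(chunk.split()))
        if m:
            e = m.groupdict()
            e.update(ts=float(e["ts"]), ms=int(e["ms"]), status=int(e["status"]))
            entries.append(e)
    return entries

def by_path(entries):  # count entries per (hierarchy code, HTTP status)
    return Counter((e["hier"], e["status"]) for e in entries)

def trace_failures(frontend, backend, skew=1.0):
    """Pair each 5xx the frontend relayed via CARP with the backend's entry for it."""
    rows = []
    for f in frontend:
        if f["hier"] != "CARP" or f["status"] < 500:
            continue
        b = next((b for b in backend if b["url"] == f["url"]
                  and b["client"] == f["client"] and abs(b["ts"] - f["ts"]) <= skew), None)
        rows.append((f["url"], b["hier"], b["peer"], b["ms"]) if b else (f["url"], None, None, None))
    return rows

# Sample input: entries copied from the two logs in the message, mail wrapping included.
FRONTEND_LOG = """\
1377506615.522 59941 178.173.12.70 TCP_MISS/503 4150 GET
http://wiki.squid-cache.org/favicon.ico - CARP/127.0.0.1 text/html
1377506634.605 820 178.173.12.70 TCP_MISS/200 1650 GET
http://www.cisco.com/favicon.ico - HIER_DIRECT/2.21.32.170 image/x-icon
1377506740.805 180167 178.173.12.70 TCP_MISS/503 4178 GET
http://packages.debian.org/favicon.ico - CARP/127.0.0.1 text/html
"""
BACKEND_LOG = """\
1377506615.522 59940 178.173.12.70 TCP_MISS/503 4016 GET
http://wiki.squid-cache.org/favicon.ico - HIER_DIRECT/77.93.254.178
text/html
1377506740.804 180166 178.173.12.70 TCP_MISS/503 4044 GET
http://packages.debian.org/favicon.ico - HIER_DIRECT/82.195.75.113 text/html
"""
print(trace_failures(parse(FRONTEND_LOG), parse(BACKEND_LOG)))
```

On these entries the backend's elapsed time is within a millisecond or two of the frontend's, so the frontend-to-backend CARP hop answers immediately and the wait is in the backend's HIER_DIRECT fetch.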
