Hi Lutieri,
Lutieri G. wrote:
Hi!
Today i'm running squid 2.5stable9 in a debian sarg box SUN v20z. All
works very nice. Although, i need to migrate squid to a new server SUN
x4100 running FreeBSD. And now begin my problems.
I was talking about my performance problems with freebsd mailing list.
But we can't find a solution for my problem described below:
First of all, i'll paste some informations about my new server.
#uname -a
FreeBSD sd.xyz.com.br 6.2-STABLE FreeBSD 6.2-STABLE #0: Wed Aug 29
10:26:18 BRT 2007
root@xxxxxxxxxxxxx:/usr/src/sys/amd64/compile/LGB amd64
#mount
/dev/da0s1a on / (ufs, local)
devfs on /dev (devfs, local)
/dev/da0s1e on /tmp (ufs, local, soft-updates)
/dev/da0s1f on /usr (ufs, local, soft-updates)
/dev/da0s1d on /var (ufs, local, soft-updates)
/dev/da0s2a on /cache (ufs, local, soft-updates)
devfs on /var/chroot/named/dev (devfs, local)
#df -h
Filesystem Size Used Avail Capacity Mounted on
/dev/da0s1a 496M 88M 368M 19% /
devfs 1.0K 1.0K 0B 100% /dev
/dev/da0s1e 496M 538K 456M 0% /tmp
/dev/da0s1f 9.4G 4.5G 4.1G 52% /usr
/dev/da0s1d 4.7G 1.5G 2.9G 34% /var
/dev/da0s2a 9.4G 89M 8.6G 1% /cache
devfs 1.0K 1.0K 0B 100% /var/chroot/named/dev
My kernel was compiled in the day before yesterday with some tunning options:
Commented:
options INET6 # IPv6
- included:
options SYSVSHM #SYSV-style shared memory
options SYSVMSG #SYSV-style message queues
options SYSVSEM #SYSV-style semaphores
options SMP # Symmetric
options HZ=2000
options DEVICE_POLLING # Soft intrrupt's
options VFS_AIO
options MAXDSIZ=(4096UL*1024*1024) # Conf para 4Gb
options MAXSSIZ=(256UL*1024*1024) # E aqui vai pra 128
options DFLDSIZ=(4096UL*1024*1024) # 4096 tb!
# Message Queues [Based on Squid FAQ]
option MSGMNB=262144 # Number of bytes in a queue
option MSGMNI=128 # Need to be at least 2 times the number of
cache_dir entries in the squid
option MSGSSZ=256 # Size of the message segment in a queue
option MSGTQL=16384 # Number of max queue identifiers versus 128
option MSGSEG=2048 # Number of messages segments
# Shared Memory [Based on Squid FAQ]
options SHMMNI=256 # The half of the message queues at least [1 for
each cache_dir]
options SHMALL=65536 #
options SHMMAX=(128UL*1024*1024) #
options SHMSEG=128
I am not really an expert in FreeBSD kernel compilation and tweaking.
I am using the following kernel parameters in one of my FreeBSD Squid box:
options DEVICE_POLLING
options HZ=1000
options SHMSEG=128
options SHMMNI=256
options SHMMAX=50331648 # max shared memory segment size (bytes)
options SHMALL=16384 # max amount of shared memory (pages)
options MSGMNB=16384 # max # of bytes in a queue
options MSGMNI=48 # number of message queue identifiers
options MSGSEG=768 # number of message segments
options MSGSSZ=64 # size of a message segment
options MSGTQL=4096 # max messages in system
By the way, what do you have in the following sysctl tunables?
kern.maxusers
kern.ipc.somaxconn
kern.maxfiles
kern.maxfilesperproc
kern.ipc.nmbclusters
In squid.conf file :
cache_dir diskd /usr/local/squid/cache/cache1 5120 16 256 Q1=128 Q2=100
cache_dir diskd /usr/local/squid/cache/cache2 5120 16 256 Q1=128 Q2=100
You can try something like:
cache_dir diskd /usr/local/squid/cache/cache1 3600 16 256 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/cache2 3600 16 256 Q1=72 Q2=64
But since you have 2 hard drives, I think the following will be much better:
cache_dir diskd /usr/local/squid/cache/cache1 5120 16 256 Q1=72 Q2=64
cache_dir diskd /cache 7168 16 256 Q1=72 Q2=64
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_mem 1536 MB
For a start, you can try:
cache_mem 128 MB
cache_swap_low 65
cache_swap_high 80
cache_swap_low 90
cache_swap_high 92
maximum_object_size 64 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 2560 Kb
maximum_object_size_in_memory 32 Kb
#squid -v
Squid Cache: Version 2.6.STABLE14
configure options: '--bindir=/usr/local/sbin'
'--sbindir=/usr/local/sbin' '--datadir=/usr/local/etc/squid'
'--libexecdir=/usr/local/libexec/squid'
'--localstatedir=/usr/local/squid' '--sysconfdir=/usr/local/etc/squid'
'--enable-removal-policies=lru heap' '--disable-linux-netfilter'
'--disable-linux-tproxy' '--disable-epoll' '--enable-auth=basic ntlm
digest' '--enable-basic-auth-helpers=DB NCSA PAM MSNT SMB YP'
'--enable-digest-auth-helpers=password'
'--enable-external-acl-helpers=ip_user session unix_group
wbinfo_group' '--enable-ntlm-auth-helpers=SMB'
'--enable-negotiate-auth-helpers=squid_kerb_auth' '--with-pthreads'
'--enable-storeio=ufs diskd null aufs' '--enable-delay-pools'
'--enable-snmp' '--disable-carp' '--enable-ssl' '--with-openssl=/usr'
'--enable-cache-digests' '--enable-arp-acl'
'--enable-follow-x-forwarded-for' '--with-large-files'
'--enable-large-cache-files' '--enable-err-languages=Azerbaijani
Bulgarian Catalan Czech Danish Dutch English Estonian Finnish French
German Greek Hebrew Hungarian Italian Japanese Korean Lithuanian
Polish Portuguese Romanian Russian-1251 Russian-koi8-r Serbian
Simplify_Chinese Slovak Spanish Swedish Traditional_Chinese Turkish'
'--enable-default-err-language=English' '--enable-ntlm-fail-open'
'--prefix=/usr/local' '--mandir=/usr/local/man'
'--infodir=/usr/local/info/' 'amd64-portbld-freebsd6.2' 'CC=cc'
'CFLAGS=-O2 -fno-strict-aliasing -pipe -I/usr/include' 'CPPFLAGS='
'LDFLAGS= -rpath=/usr/lib:/usr/local/lib -L/usr/lib'
'build_alias=amd64-portbld-freebsd6.2'
'host_alias=amd64-portbld-freebsd6.2'
'target_alias=amd64-portbld-freebsd6.2'
From the above, I see that you installed Squid from FreeBSD ports which
is fine.
But just in case you want to install from source, you can try the
following compilation parameters:
'--bindir=/usr/local/sbin' '--sysconfdir=/usr/local/etc/squid'
'--datadir=/usr/local/etc/squid' '--libexecdir=/usr/local/libexec/squid'
'--localstatedir=/usr/local/squid' '--enable-removal-policies=heap,lru'
'--enable-storeio=ufs,coss,diskd,aufs,null' '--enable-delay-pools'
'--enable-snmp' '--enable-cache-digests' '--enable-underscores'
'--enable-useragent-log' '--with-large-files'
'--enable-large-cache-files' '--prefix=/usr/local'
'--enable-follow-x-forwarded-for' '--disable-ident-lookups'
'--with-maxfd=8192' '--enable-kqueue'
But again, your needs and mileage may differ. 1 factor which will help
you in your future compilations is that if you don't understand what the
configure options does, then it is better not to use it.
My new box is a X4100 SUN.
With 4 gigabits NIC.
Two SAS disks.
4Gb RAM
Seems like you got yourself a very decent server!
I tryed use with and without RAID but I got the same problem.
Let me explain my environment:
All my users use IE6 and they have proxy config like this:
host: proxy.xyz.com.br
port 3128
Once i need to migrate all users to my new server with FreeBSD ,I only
change the IP address of proxy register in DNS server.
Ok. After two minutes i can see some users in the new server log(access.log).
After 10 minutes squidclient mgr:info return me 70 clients and the
speed connection goes very low for the users.
How do you get your bandwidth and how much is your bandwidth?
Also are you running any kind of firewall on your Squid box?
Can you post your squid.conf and also the output of "squidclient
mgr:info" and "squidclient mgr:5min | grep client"
I commented out all acl's and authentication scheme in squid conf
file. Running squid i'm monitoring with systat -v and iostat but CPU
and disks is working almost all time as idle.
You are saying that the performance of Squid does not improve even after
commenting out all your ACLs? If so, then your ACLs are not the cause of
your problem.
cache.log doesn't show me errors. only this messages:
2007/08/30 08:13:31| httpAccept: FD 39: accept failure: (53) Software
caused connection abort
2007/08/30 08:13:32| httpAccept: FD 39: accept failure: (53) Software
caused connection abort
2007/08/30 08:13:32| httpAccept: FD 39: accept failure: (53) Software
caused connection abort
2007/08/30 08:13:32| httpAccept: FD 39: accept failure: (53) Software
caused connection abort
2007/08/30 08:13:32| httpAccept: FD 39: accept failure: (53) Software
caused connection abort
2007/08/30 08:13:32| httpAccept: FD 39: accept failure: (53) Software
caused connection abort
2007/08/30 08:13:32| httpAccept: FD 39: accept failure: (53) Software
caused connection abort
2007/08/30 08:13:32| httpAccept: FD 39: accept failure: (53) Software
caused connection abort
2007/08/30 08:13:32| httpAccept: FD 39: accept failure: (53) Software
caused connection abort
2007/08/30 08:13:50| httpAccept: FD 39: accept failure: (53) Software
caused connection abort
I've read that is harmless.
Most probably, they are harmless and are probably caused by your clients
browsers aborting requests.
But the low speed continue.
This is not a DNS problem. I've tested.
Are you running a local caching name server?
From your Squid box, what does a traceroute to yahoo.com look like?
What is your query time when you:
dig www.unknownsite.com
Hope it helps.
Thanking you.....
Any suggestion?!?!
tanx
--
With best regards and good wishes,
Yours sincerely,
Tek Bahadur Limbu
(TAG/TDG Group)
Jwl Systems Department
Worldlink Communications Pvt. Ltd.
Jawalakhel, Nepal
http://www.wlink.com.np
