Tek Bahadur Limbu ha scritto:
Hi Ferraroni ,
Ferraroni Matteo wrote:
Hi folks,
I have a little bandwidth problem. My customer's network is simple
like this: internet ---> squid 2.6 StabLe 5 (trasparent mode) ---->
lan 172.16.0.0/16
Now, the problem is that when I redirect the 80 port to 8080 (squid)
all the clients' connection slow down (from 250 Kbyte/s to 20/30
kbyte/s), and when I disable the iptables rule all returns fast.
How did you measure the slowdown is speed? And what is your actual
bandwidth pipe?
Hi, the slowdown is mesured through the IE download window (no squid:
250 Kb, with squid 60 Kb), the bandwidth pipe is 2 Megabits.
How can I solve this?
Squid.conf
http_port 8080 transparent
icp_port 0
htcp_port 0
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
emulate_httpd_log on
mime_table /etc/squid/mime.conf
pid_filename /var/run/squid.pid
dns_nameservers 213.140.2.12 208.67.222.222 193.205.245.66
acl all src 0.0.0.0/0.0.0.0
http_access allow all
iptables rules
$IPTABLES -t nat -A PREROUTING -p tcp --dport 80 -s 172.16.0.0/16 -j
REDIRECT --to-port 8080
$IPTABLES -t nat -A POSTROUTING -s 172.16.0.0/16 -j SNAT --to-source
192.168.1.2
How many network interfaces does your Squid box have? So this box
performs NAT and Proxy service simultaneously?
The squid box has 2 netwoks attached (192.168.1.0/24 on the internet
side and 172.16.0.0/16 on the lan side) the box performs NAT and Proxy
services simultaneously.
Maybe you have large ACLs filtering on your squid.conf? What is the
output of "squidclient mgr:info"?
The squid.conf is above and I have only one acl.
Here you are the squidclient mgr:info output.
Squid Object Cache: Version 2.6.STABLE17
Start Time: Wed, 12 Dec 2007 13:10:26 GMT
Current Time: Wed, 12 Dec 2007 13:10:39 GMT
Connection information for squid:
Number of clients accessing cache: 2
Number of HTTP requests received: 4
Number of ICP messages received: 0
Number of ICP messages sent: 0
Number of queued ICP replies: 0
Number of HTCP messages received: 0
Number of HTCP messages sent: 0
Request failure ratio: 0.00
Average HTTP requests per minute since start: 18.9
Average ICP messages per minute since start: 0.0
Select loop called: 86 times, 147.512 ms avg
Cache information for squid:
Request Hit Ratios: 5min: 0.0%, 60min: 0.0%
Byte Hit Ratios: 5min: -0.0%, 60min: -0.0%
Request Memory Hit Ratios: 5min: 0.0%, 60min: 0.0%
Request Disk Hit Ratios: 5min: 0.0%, 60min: 0.0%
Storage Swap size: 0 KB
Storage Mem size: 108 KB
Mean Object Size: 0.00 KB
Requests given to unlinkd: 0
Median Service Times (seconds) 5 min 60 min:
HTTP Requests (All): 0.00000 0.00000
Cache Misses: 0.00000 0.00000
Cache Hits: 0.00000 0.00000
Near Hits: 0.00000 0.00000
Not-Modified Replies: 0.00000 0.00000
DNS Lookups: 0.00000 0.00000
ICP Queries: 0.00000 0.00000
Resource usage for squid:
UP Time: 12.686 seconds
CPU Time: 0.008 seconds
CPU Usage: 0.06%
CPU Usage, 5 minute avg: 0.00%
CPU Usage, 60 minute avg: 0.00%
Process Data Segment Size via sbrk(): 2292 KB
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
Total space in arena: 2292 KB
Ordinary blocks: 2050 KB 3 blks
Small blocks: 0 KB 0 blks
Holding blocks: 240 KB 1 blks
Free Small blocks: 0 KB
Free Ordinary blocks: 241 KB
Total in use: 2290 KB 90%
Total free: 241 KB 10%
Total size: 2532 KB
Memory accounted for:
Total accounted: 157 KB
memPoolAlloc calls: 1033
memPoolFree calls: 376
File descriptor usage for squid:
Maximum number of file descriptors: 1024
Largest file desc currently in use: 13
Number of file desc currently in use: 10
Files queued for open: 0
Available number of file descriptors: 1014
Reserved number of file descriptors: 100
Store Disk files open: 0
IO loop method: epoll
Internal Data Structures:
27 StoreEntries
27 StoreEntries with MemObjects
26 Hot Object Cache Items
0 on-disk objects
UPDATE: After the squid upgrade, my client downloads the first 4 megs at
full speed and afterwards it slows down to 60Kbytes/s. The same
behaviour is seen with different URLS.
Thanks in advance.
Matteo
