Le mercredi 7 octobre 2009 04:55:00, Amos Jeffries a écrit : > Luis Daniel Lucio Quiroz wrote: > > Le mardi 6 octobre 2009 18:57:34, Amos Jeffries a écrit : > >> On Tue, 6 Oct 2009 17:57:24 -0500, Luis Daniel Lucio Quiroz > >> > >> <luis.daniel.lucio@xxxxxxxxx> wrote: > >>> Hi Squids, > >>> > >>> Using Squid 3.0.19 we're having problems adding one more ACL. Our > >>> configuration has about 2000 http_access and about 2500 acl's. > >>> > >>> Now, adding one more acl, or even modifying a file pointed by an acl > >>> such as > >>> acl myacl dstregexp "myfile", our squid is slowing to much. > >>> > >>> Symtopms: > >>> - squid -k pharse, OK > >>> - squid -k reconfigure, squid slows. cache.log says squid is reloading > >> > >> but > >> > >>> it > >>> is too slow, squid process begins to uses about 99% of cpu. No "dying" > >>> message > >>> at log. > >>> > >>> I wonder to know if there is a maximun in squid acl, https, regexp. > >> > >> No defined limits as such. It's just long lists/trees that need to be > >> walked over individually on each use and built on reconfigure. > >> > >> The http_access list get walked once per request. Each ACL (mostly > >> trees, some lists) get walked once per test. How fast or slow really > >> depends on what types of ACL and what order you place them in > >> http_access. > >> > >> Why do you have so many? > >> > >> Amos > > > > So many, > > see my debug here http://pastebin.com/f197606fa > > from lines 58-62, helpers delay too much. This is not a little machine, > > it is 8 cpus amd @3.2Ghz, 64 bits, with 64 GB in RAM. > > If we remove any ACL we've added, this does not occur. > > I see only three (3) ACL in that trace. > > The lines you point at for delay are helpers booting up, not related to > ACL directly. > > The reported problem might have something to do with it: > digest_pw_auth(LDAP_backend) WARNING, LDAP error 'No such object' > > LDAP looking for and failing to find something it's configured to check > of is likely to take a while. Or maybe that means the LDAP backend is > not available at the startup time. Both problems equally as bad. > > Amos > I did http://bugs.squid-cache.org/show_bug.cgi?id=2796 with all information I have
