Multiple hard disks, and spreading out Squid's logs and cache dirs onto separate disks, helps a lot. The big prod squid environment I was running for a while used 4 disks - 1 OS, 1 logs, 2 separate aufs cache disks. If you can't do that with your hardware, even adding a second hard drive, with logs on the OS disk and the cache on the second disk, will help some. -george On Tue, Oct 13, 2009 at 10:52 AM, Mariel Sebedio <msebedio@xxxxxxxxxxxx> wrote: > Hello, I have a problem with the Squid performance. > > I have a RHEL 5.4 whit Squid 3.0STABLE19 compiled with the following > options: '--prefix=/usr' '--sysconfdir=/etc/squid' '--enable-snmp' > '--enable-cache-digest' '--enable-err-language=Spanish' > '--enable-delay-pools' > > The hardware of the Proxy server machine is: > > processor : 0 > vendor_id : GenuineIntel > cpu family : 15 > model : 4 > model name : Intel(R) Pentium(R) 4 CPU 3.00GHz > stepping : 1 > cpu MHz : 3000.177 > cache size : 1024 KB > physical id : 0 > siblings : 2 > core id : 0 > cpu cores : 1 > apicid : 0 > fdiv_bug : no > hlt_bug : no > f00f_bug : no > coma_bug : no > fpu : yes > fpu_exception : yes > cpuid level : 5 > wp : yes > flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat > pse36 clflush dts > acpi mmx fxsr sse sse2 ss ht tm pbe nx constant_tsc pni monitor ds_cpl cid > xtpr > bogomips : 5999.92 > > The filesystem information is this: > > Filesystem 1K-blocks Used Available Use% Mounted on > /dev/sda2 5080828 4252116 566452 89% / > /dev/sda5 141129204 2496448 131348084 2% /var > /dev/sda1 101086 11303 84564 12% /boot > tmpfs 1031764 0 1031764 0% /dev/shm > > The top output > > top - 09:50:08 up 3 days, 17:07, 1 user, load average: 0.09, 0.06, 0.01 > Tasks: 88 total, 1 running, 87 sleeping, 0 stopped, 0 zombie > Cpu(s): 0.5%us, 0.5%sy, 0.0%ni, 98.5%id, 0.0%wa, 0.2%hi, 0.3%si, > 0.0%st > Mem: 2063532k total, 2001504k used, 62028k free, 199476k buffers > Swap: 5245212k total, 0k used, 5245212k free, 1415224k cached > > The ammount of connections oscilates between 400-600. ([]# netstat -an |grep > STABL |wc -l) > I can see that when I request a page it takes a long time to appear on > my browser, and If at that moment I look at the option "Client-side > Active Requests" on the statistics, I can't see anything referring to my > request > > It also takes a lot of time for the request to appear in the access.log > > When I have a page request, it doesn't arrive in a short period of time, > So I stop my browser and resend it, and it arrives quickly the second > time. > > Is there something wrong with my squid.conf or my kernel configuration. > Any suggestions of where to look or what to change to improve > performance? > > How can I determine if it is a matter of DNS response or squid > congestion or simply a delay related to the page requested itself? > > Thanks in advance for the help. > > My squid.conf is there: > authenticate_cache_garbage_interval 3600 seconds > authenticate_ttl 3600 seconds > authenticate_ip_ttl 0 seconds > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1 > acl to_localhost dst 0.0.0.0 127.0.0.0/255.0.0.0 > acl mynet src "/etc/squid/mynet" ###### allow over 400 Ips > acl snmppublic snmp_community proxy > acl administrador src "/etc/squid/administradores" ###### only 3 Ips > acl SSL_ports port 443 > acl Safe_ports port 80 81 21 443 70 210 1025-65535 280 488 591 777 > acl CONNECT method CONNECT > http_access Allow manager administrador > http_access Deny manager > http_access Deny !Safe_ports > http_access Deny CONNECT !SSL_ports > http_access Allow mynet > http_access Deny all > icp_access Allow mynet > icp_access Deny all > htcp_access Allow mynet > htcp_access Deny all > htcp_clr_access Deny all > ident_lookup_access Deny all > http_port 0.0.0.0:3128 > dead_peer_timeout 10 seconds > hierarchy_stoplist cgi-bin > hierarchy_stoplist ? > cache_mem 33554432 bytes > maximum_object_size_in_memory 8192 bytes > memory_replacement_policy lru > cache_replacement_policy lru > cache_dir ufs /var/spool/squid/cache 80000 16 256 IOEngine=Blocking > store_dir_select_algorithm least-load > max_open_disk_fds 0 > minimum_object_size 0 bytes > maximum_object_size 4194304 bytes > cache_swap_low 90 > cache_swap_high 95 > access_log /var/log/squid/access.log squid > cache_log /var/log/squid/cache.log > cache_store_log /var/log/squid/store.log > logfile_rotate 9 > emulate_httpd_log off > log_ip_on_direct on > mime_table /etc/squid/mime.conf > log_mime_hdrs off > pid_filename /var/run/squid.pid > debug_options ALL,1 > log_fqdn off > client_netmask 255.255.255.255 > strip_query_terms on > buffered_logs off > ftp_user anonymous@xxxxxxxxxx > ftp_list_width 32 > ftp_passive on > ftp_sanitycheck on > ftp_telnet_protocol on > diskd_program /usr/libexec/diskd > unlinkd_program /usr/libexec/unlinkd > url_rewrite_children 5 > url_rewrite_concurrency 0 > url_rewrite_host_header on > url_rewrite_bypass off > refresh_pattern ^ftp: 1440 20% 10080 > > refresh_pattern ^gopher: 1440 0% 1440 > > refresh_pattern (cgi-bin|\?) 0 0% 0 > > refresh_pattern . 0 20% 4320 > > quick_abort_min 16 KB > quick_abort_max 16 KB > quick_abort_pct 95 > read_ahead_gap 16384 bytes > negative_ttl 300 seconds > positive_dns_ttl 21600 seconds > negative_dns_ttl 60 seconds > range_offset_limit 0 bytes > minimum_expiry_time 60 seconds > store_avg_object_size 13 KB > store_objects_per_bucket 20 > request_header_max_size 20480 bytes > reply_header_max_size 20480 bytes > request_body_max_size 0 bytes > chunked_request_body_max_size 65536 bytes > via on > ie_refresh off > vary_ignore_expire off > request_entities off > relaxed_header_parser on > forward_timeout 240 seconds > connect_timeout 60 seconds > peer_connect_timeout 30 seconds > read_timeout 900 seconds > request_timeout 300 seconds > persistent_request_timeout 120 seconds > client_lifetime 86400 seconds > half_closed_clients off > pconn_timeout 60 seconds > ident_timeout 10 seconds > shutdown_lifetime 30 seconds > cache_mgr soporte@xxxxxxxxxx > mail_program mail > cache_effective_user squid > cache_effective_group squid > httpd_suppress_version_string off > visible_hostname proxy134.XXX.com.ar > umask 23 > announce_period 31536000 seconds > announce_host tracker.ircache.net > announce_port 3131 > delay_pools 0 > delay_initial_bucket_level 50 > wccp_router 0.0.0.0 > wccp_version 4 > wccp2_rebuild_wait on > wccp2_forwarding_method 1 > wccp2_return_method 1 > wccp2_assignment_method 1 > wccp2_service standard 0 > wccp2_weight 10000 > wccp_address 0.0.0.0 > wccp2_address 0.0.0.0 > client_persistent_connections on > server_persistent_connections on > persistent_connection_after_error off > detect_broken_pconn off > snmp_port 3401 > snmp_access Allow snmppublic localhost > snmp_access Deny all > snmp_incoming_address 0.0.0.0 > snmp_outgoing_address 255.255.255.255 > icp_port 3130 > htcp_port 0 > log_icp_queries on > udp_incoming_address 0.0.0.0 > udp_outgoing_address 255.255.255.255 > icp_hit_stale off > minimum_direct_hops 4 > minimum_direct_rtt 400 > netdb_low 900 > netdb_high 1000 > netdb_ping_period 300 seconds > query_icmp off > test_reachability off > icp_query_timeout 0 > maximum_icp_query_timeout 2000 > minimum_icp_query_timeout 5 > background_ping_rate 10 seconds > mcast_icp_query_timeout 2000 > icon_directory /usr/share/icons > global_internal_static on > short_icon_urls on > error_directory /usr/share/errors/templates > err_html_text > email_err_data on > nonhierarchical_direct on > prefer_direct off > incoming_icp_average 6 > incoming_http_average 4 > incoming_dns_average 4 > min_icp_poll_cnt 8 > min_dns_poll_cnt 8 > min_http_poll_cnt 8 > tcp_recv_bufsize 0 bytes > check_hostnames off > allow_underscore on > dns_retransmit_interval 5 seconds > dns_timeout 120 seconds > dns_defnames off > hosts_file /etc/hosts > dns_testnames netscape.com > dns_testnames internic.net > dns_testnames nlanr.net > dns_testnames microsoft.com > ignore_unknown_nameservers on > ipcache_size 1024 > ipcache_low 90 > ipcache_high 95 > fqdncache_size 1024 > memory_pools on > memory_pools_limit 5242880 bytes > forwarded_for on > cachemgr_passwd XXXXXXXXXX all > client_db on > refresh_all_ims off > reload_into_ims off > maximum_single_addr_tries 1 > retry_on_error off > as_whois_server whois.ra.net > offline_mode off > uri_whitespace strip > coredump_dir /var/spool/squid/cache > balance_on_multiple_ip on > pipeline_prefetch off > high_response_time_warning 0 > high_page_fault_warning 0 > high_memory_warning 0 bytes > sleep_after_fork 0 > windows_ipaddrchangemonitor on > > -- > Lic. Mariel Sebedio > Division Computos y Sistemas > Tel (02944)-445400 int 2307 > INVAP S.E. - www.invap.com.ar > > -- -george william herbert george.herbert@xxxxxxxxx
