Would it be smart to benchmark squid during the day by running a script that fetches a file every 5 seconds and times the amount of time it took to download? Iam sure there might be better ways. Andres On Fri, Oct 16, 2009 at 3:30 PM, Andres Salazar <ndrsslzr80@xxxxxxxxx> wrote: > Hello, > > I have 30 users who browse the internet all day through squid. My > version is squid-2.7.STABLE6 . I started squid with 5024 file > descriptors, cache is disabled and its a machine solely dedicated to > this with P4 CPU with PowerEdge 600SC and 1GB RAM. > > The problem is that intermittently during the day one or another user > for a few minutes opens pagesand they just take forever to download. > The strange part is that when it happens to some users it doesnt > happen simulteanously to all the others. They are ubuntu users with > firefox. > > Its extremely hard to diagnose this because its very hard to catch and > sometimes when the tech arrives all the pages start loading fine. Even > google would hang. > > There is no packet loss to the proxy server, and load on the CPU is > low according to top. > > > What tool can I use to pinpoint exactly where the problem is? > > > cache_dir null /dev/null > auth_param basic program /usr/local/libexec/ncsa_auth /etc/squid/squid_passwd > acl all src all > acl manager proto cache_object > acl localhost src 127.0.0.1/32 > acl to_localhost dst 127.0.0.0/8 > acl localnet src 10.0.0.0/8 # RFC1918 possible internal network > acl localnet src 172.16.0.0/12 # RFC1918 possible internal network > acl localnet src 192.168.0.0/16 # RFC1918 possible internal network > acl SSL_ports port 443 > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 # https > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl CONNECT method CONNECT > acl ncsa_users proxy_auth REQUIRED > http_access allow manager localhost > http_access deny manager > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access allow localnet > http_access allow all > icp_access allow localnet > icp_access deny all > reply_body_max_size 512000 deny all > http_port 8080 transparent > hierarchy_stoplist cgi-bin ? > access_log /var/squid/logs/access.log squid > refresh_pattern ^ftp: 1440 20% 10080 > refresh_pattern ^gopher: 1440 0% 1440 > refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 > refresh_pattern . 0 20% 4320 > acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9] > upgrade_http0.9 deny shoutcast > via off > acl apache rep_header Server ^Apache > broken_vary_encoding allow apache > header_replace User-Agent Nutscrape/1.0 (CP/M; 8-bit) > max_filedescriptors 5024 > forwarded_for off > coredump_dir /var/squid/cache > > > Thank you. > > Regards, > Andres >
