Ananth wrote:
Dear Team,
I have configure squid 3.1 on Fedora core 12.
my hardware configuration:
CPU INFO: Intel(R) Xeon(R) CPU E5440 @ 2.83GHz
RAM : 8 GB
HDD : 160 GB
The problem i m facing is when my http requests are above 130 hist per
second the pages start browsing slow and time out i cant even access
cachemanager. if the http hit rate is below 130 hist per second it
fine. please check if my configuration is correct. sorry for my poor
english.
Thanks,
Ananth B.R.
Looks fairly good. There are a few tweaks I'll mention inline.
my configuration is as fallows:
########### Start of squid.conf #created by ANANTH#############
cache_effective_user squid
cache_effective_group squid
http_port 3128 transparent
cache_dir ufs /var/spool/squid 16384 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
logfile_rotate 7
emulate_httpd_log on
emulate_httpd_log does a little bit of extra work to generate dates etc.
If you can use the native squid log format its faster.
"emulate_httpd_log on" is also deprecated in favor of setting the
"custom" format type on access_log lines.
cache_mem 2 GB
maximum_object_size_in_memory 512 KB
Memory objects are faster then disk ones in Squid and 3.x do not have
the large object size failures that 2.x has.
The more memory stuff you can do in the newer Squid the faster those
requests are done with and new ones can be handled.
memory_replacement_policy lru
cache_replacement_policy lru
heap tends to be the replacement policy favored by high-performance
people. It's up to you though.
maximum_object_size 64 MB
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
Drop the above three lines. They are doing extra work that is not really
needed.
hosts_file /etc/hosts
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 40% 4320
#acl all src 0.0.0.0/0
##Define your network below
acl mynetwork src 192.168.106.0/24 # cbinetwork private
acl mynetwork src 192.168.107.0/24 # cbinetwork private
acl mynetwork src 192.168.110.0/24 # cbinetwork private
acl mynetwork src 192.168.120.0/24 # cbinetwork private
acl mynetwork src 192.168.121.0/24 # cbinetwork private
acl mynetwork src 192.168.130.0/24 # cbinetwork private
acl mynetwork src 192.168.150.0/24 # cbinetwork private
acl mynetwork src 192.168.151.0/24 # cbinetwork private
acl mynetwork src 10.100.101.0/24 # cbinetwork private
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl localhost src ::1/128
acl to_localhost dst 127.0.0.0/8
acl to_localhost dst ::1/128
acl purge method PURGE
acl CONNECT method CONNECT
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 1025-65535 #unregistered ports
acl SSL_ports port 443 563
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow mynetwork
# http_access deny all
For peak performance I'd order the above lines a little differently and
remove some. Give these a test out:
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny manager
http_access deny purge
http_access allow mynetwork
# http_access deny all
http_reply_access allow all
icp_access allow mynetwork
# icp_access deny all
visible_hostname proxy.xxx.xx
coredump_dir /var/spool/squid
######## End of squid.conf ##########
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.1
