On 13/08/11 01:26, Nitin Chandrachoodan wrote:
Hello, I am running squid-2.7.STABLE7 and we are experiencing poor performance (very slow page loads, timeouts etc.). This is in a large campus setting with a few thousand users. One observation is that the elapsed time for HTTPS CONNECT operations looks like below. Are these numbers normal, or too high? Over longer durations, I find many values clustered around 60000, 120000, 240000 etc., which makes me suspect timeouts. The elapsed times for GET and POST are better. For example $ sudo tail -f /var/log/squid/access.log | grep CONNECT 1313146579.775 215331 10.91.0.31 TCP_MISS/200 27133 CONNECT s.yimg.com:443 - DIRECT/118.214.109.227 - 1313146579.775 215346 10.91.0.31 TCP_MISS/200 34679 CONNECT s.yimg.com:443 - DIRECT/118.214.109.227 -
<snip>
As you can see, the elapsed time for CONNECT (~81s average) is far higher than the others (about 3-4s average). Is this just due to connections being kept alive, or is there something else likely wrong? Also, do the average numbers for the others look normal or are they too high?
keep-alive is not related to any of this. The measure in your log is for the transafer of that individual HTTP request.
What you need to know is that GET/POST etc are individual object transfers and only last as long as it takes the server to generate and transfer the object bytes across.
CONNECT is different. A binary tunnel. There are no actual limits on what can be inside or when that will finish. For port 443 tunnels each one usually has many encrypted requests going on inside it behind the encryption. The duration lasts as long as the things inside require.
I can't really speak to whether those sizes are normal. But a few minutes hardly seems out of place considering the above. Depends on how ling the client is browsing a particular HTTPS website.
Amos -- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.14 Beta testers wanted for 3.2.0.10
