If you have 14 GB physical memory, it is not recommended to set cache_mem 14 GB. See the FAQ for more details: http://wiki.squid-cache.org/SquidFaq/SquidMemory Marcus On 07/20/2012 10:17 AM, Guido Marino Lorenzutti wrote:
Hi people! Im running 3.1.20 with ntlm and it works much better! I was using squid 2.7 and the ntlm was much slower. What I'm seeing strange is that the use of memory for cache is very low. Any suggestion to improve the use of my 14GB of ram ? This is my squid.conf: external_acl_type ldap_group ttl=1200 children=4 %LOGIN /usr/lib/squid3/squid_ldap_group -b "ou=Group,dc=SARASA,dc=COM" -f "(&(cn=%a)(memberuid=%v)(objectClass=posixgroup))" -h 100.0.0.1 -v3 -S -P cache_dir aufs /var/spool/squid3 28000 16 256 cache_mem 14 GB visible_hostname proxy.sarasa.com acl lan src 100.0.0.0/16 auth_param ntlm children 100 startup=0 idle=1 auth_param basic children 5 startup=0 idle=1 refresh_pattern ^http://.*\.facebook.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims http_port 3128 log_fqdn off cache_store_log none cache_log /var/log/squid3/cache_log.log access_log /var/log/squid3/access.log emulate_httpd_log on log_mime_hdrs off nonhierarchical_direct off prefer_direct on strip_query_terms on httpd_suppress_version_string on auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --domain=SARASA auth_param ntlm keep_alive on authenticate_ttl 240 seconds authenticate_ip_ttl 10 minutes authenticate_cache_garbage_interval 2 hours auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --domain=SARASA auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 negative_ttl 5 minutes positive_dns_ttl 5 hours negative_dns_ttl 1 minutes half_closed_clients off connect_timeout 3 seconds cache_swap_low 85 cache_swap_high 95 maximum_object_size 800 MB maximum_object_size_in_memory 2 MB request_body_max_size 10 MB request_header_max_size 128 KB fqdncache_size 6144 cache_replacement_policy heap lfuda memory_replacement_policy lru pipeline_prefetch off client_persistent_connections on server_persistent_connections on hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY acl all src all acl govar dstdomain "/etc/squid3/accepted.govar" acl nomsnurl dstdomain "/etc/squid3/nomsn" acl accepted_dominios dstdomain "/etc/squid3/accepted.dominios" acl accepted_ips dst "/etc/squid3/accepted.ips" acl accepted_urls url_regex -i "/etc/squid3/accepted.urls" acl activate_ms url_regex -i "/etc/squid3/activate.ms" acl denied_dominios dstdomain "/etc/squid3/denied.dominios" acl denied_dominios_para_todos dstdomain "/etc/squid3/denied.dominios.para.todos" acl denied_expresiones url_regex -i "/etc/squid3/denied.expresiones" acl denied_promos url_regex -i "/etc/squid3/block.ads" acl denied_archivos urlpath_regex -i "/etc/squid3/denied.archivos" acl denied_ips dst "/etc/squid3/denied.ips" acl manager proto cache_object acl localhost src 127.0.0.1 acl SSL_MS_ports port 443 8443 acl SSL_ports port 443 563 1863 6667 4430 8443 acl Safe_ports port 21 acl Safe_ports port 80 acl Safe_ports port 443 563 acl Safe_ports port 631 acl Safe_ports port 3000 acl Safe_ports port 8181 acl Safe_ports port 1024 acl Safe_ports port 8087 acl Safe_ports port 2401 acl Safe_ports port 9418 acl Safe_ports port 14534 acl Safe_ports port 873 acl Safe_ports port 2095 acl Safe_ports port 8080 2480 8443 8180 1741 acl Safe_ports port 10080 acl Full_ports port 8081 acl Full_ports port 8180 acl Full_ports port 8181 acl Full_ports port 8090 acl Full_ports port 10000 acl Full_ports port 8383 acl Full_ports port 2280 acl Full_ports port 2288 acl Full_ports port 21 acl Full_ports port 20 acl Full_ports port 5900 acl Full_ports port 2082 acl Full_ports port 19638 acl Full_ports port 2082 acl Full_ports port 2095 acl Full_ports port 9001 acl Full_ports port 8443 acl Full_ports port 1741 acl auth proxy_auth REQUIRED acl noinet external ldap_group noinet acl fullinet external ldap_group fullinet acl linuxadmin external ldap_group linuxadmin acl nomsn external ldap_group nomsn acl nofacebook external ldap_group nofacebook acl facebook_domain dstdomain .facebook.com acl teamviewer browser DynGate acl teamviewersite dstdomain .teamviewer.com acl CONNECT method CONNECT acl PURGE method PURGE acl java_jvm browser Java/1.3 Java/1.4 Java/1.5 Java/1.6 http_access allow PURGE localhost http_access deny PURGE http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_MS_ports http_access allow localhost http_access allow activate_ms http_access deny teamviewer http_access deny teamviewersite http_access deny denied_dominios_para_todos http_access allow fullinet lan http_access allow fullinet Full_ports http_access allow linuxadmin all http_access allow accepted_dominios http_access allow accepted_ips http_access allow accepted_urls http_access allow govar http_access allow java_jvm http_access deny noinet all http_access deny denied_ips http_access deny denied_archivos http_access deny denied_expresiones http_access deny denied_dominios http_access deny nomsn nomsnurl http_access deny nofacebook facebook_domain http_access allow auth lan http_access deny all icp_access deny all acl delayed_pages url_regex -i "/etc/squid3/delayed_pages" delay_pools 1 delay_class 1 1 delay_parameters 1 16000/32000 delay_access 1 allow !linuxadmin delayed_pages acl snmppublic snmp_community public snmp_port 3401 snmp_access allow snmppublic localhost snmp_access deny all snmp_incoming_address 0.0.0.0 snmp_outgoing_address 255.255.255.255 And... this is my squidclient mgr:info Connection information for squid: Number of clients accessing cache: 61 Number of HTTP requests received: 2550426 Number of ICP messages received: 0 Number of ICP messages sent: 0 Number of queued ICP replies: 0 Number of HTCP messages received: 0 Number of HTCP messages sent: 0 Request failure ratio: 0.00 Average HTTP requests per minute since start: 4041.7 Average ICP messages per minute since start: 0.0 Select loop called: 59882415 times, 0.632 ms avg Cache information for squid: Hits as % of all requests: 5min: 6.9%, 60min: 7.0% Hits as % of bytes sent: 5min: 63.4%, 60min: 58.5% Memory hits as % of hit requests: 5min: 8.0%, 60min: 15.8% Disk hits as % of hit requests: 5min: 21.3%, 60min: 31.3% Storage Swap size: 24371196 KB Storage Swap capacity: 85.0% used, 15.0% free Storage Mem size: 365584 KB Storage Mem capacity: 2.5% used, 97.5% free Mean Object Size: 25.85 KB Requests given to unlinkd: 0 Median Service Times (seconds) 5 min 60 min: HTTP Requests (All): 0.00091 0.00091 Cache Misses: 0.27332 0.32154 Cache Hits: 0.00562 0.00562 Near Hits: 0.03066 0.06286 Not-Modified Replies: 0.00179 0.00286 DNS Lookups: 0.14912 0.22276 ICP Queries: 0.00000 0.00000 Resource usage for squid: UP Time: 37862.000 seconds CPU Time: 5896.256 seconds CPU Usage: 15.57% CPU Usage, 5 minute avg: 46.89% CPU Usage, 60 minute avg: 48.09% Process Data Segment Size via sbrk(): 642400 KB Maximum Resident Size: 2564880 KB Page faults with physical i/o: 0 Memory usage for squid via mallinfo(): Total space in arena: 642532 KB Ordinary blocks: 640345 KB 481 blks Small blocks: 0 KB 0 blks Holding blocks: 37412 KB 11 blks Free Small blocks: 0 KB Free Ordinary blocks: 2186 KB Total in use: 677758 KB 100% Total free: 2186 KB 0% Total size: 679944 KB Memory accounted for: Total accounted: 555509 KB 82% memPool accounted: 555508 KB 82% memPool unaccounted: 124435 KB 18% memPoolAlloc calls: 554345828 memPoolFree calls: 554714271 File descriptor usage for squid: Maximum number of file descriptors: 65535 Largest file desc currently in use: 1283 Number of file desc currently in use: 933 Files queued for open: 0 Available number of file descriptors: 64602 Reserved number of file descriptors: 100 Store Disk files open: 0 Internal Data Structures: 943411 StoreEntries 17758 StoreEntries with MemObjects 17733 Hot Object Cache Items 942951 on-disk objects Tnxs in advance.
