On 6/03/2013 3:14 a.m., Ahmad wrote:
hi ,.
i have centos 64 bit with kernel 3.7.5 compiled with tproxy features .
i noted that in rush hour , squid squid guard is bypassing .
Are you basing that on the "detected possible bypass attack" messages
mentioned in threads from days back?
... that would mean the same thing if it were worded "detected possible
attack" without naming the type of attack found.
i noted that squid is using only 1 cpu .
Yes. Squid has always been that way.
Having a dedicated CPU does not necessarily mean slow - the OS and
helpers can use the other(s).
here is output sample:
===============
[root@squid squid-3.3.1]# mpstat -u
Linux 3.7.5 (squid) 03/05/2013 _x86_64_ (24 CPU)
09:10:10 AM CPU %usr %nice %sys %iowait %irq %soft %steal
%guest %idle
09:10:10 AM all 5.10 0.00 1.70 14.09 0.00 0.44 0.00
0.00 78.67
[root@squid squid-3.3.1]# mpstat -P ALL
Linux 3.7.5 (squid) 03/05/2013 _x86_64_ (24 CPU)
09:10:17 AM CPU %usr %nice %sys %iowait %irq %soft %steal
%guest %idle
09:10:17 AM all 5.10 0.00 1.70 14.09 0.00 0.44 0.00
0.00 78.67
09:10:17 AM 0 8.63 0.00 2.67 30.17 0.00 0.15 0.00
0.00 58.37
09:10:17 AM 1 12.35 0.01 4.50 27.91 0.00 0.44 0.00
0.00 54.79
09:10:17 AM 2 5.51 0.00 1.96 27.65 0.00 0.06 0.00
0.00 64.81
09:10:17 AM 3 7.17 0.00 2.16 22.10 0.00 0.06 0.00
0.00 68.51
09:10:17 AM 4 5.15 0.00 1.93 27.29 0.00 0.06 0.00
0.00 65.56
09:10:17 AM 5 7.63 0.00 1.83 18.54 0.00 0.06 0.00
0.00 71.93
09:10:17 AM 6 5.18 0.00 1.90 28.46 0.00 0.07 0.00
0.00 64.40
09:10:17 AM 7 6.73 0.00 1.45 14.06 0.00 0.05 0.00
0.00 77.70
09:10:17 AM 8 5.19 0.00 1.82 28.47 0.00 0.06 0.00
0.00 64.46
09:10:17 AM 9 6.95 0.00 1.28 10.67 0.00 0.04 0.00
0.00 81.06
09:10:17 AM 10 5.54 0.00 1.78 28.10 0.00 0.06 0.00
0.00 64.51
09:10:17 AM 11 6.68 0.00 1.25 9.02 0.00 0.05 0.00
0.00 83.00
09:10:17 AM 12 1.30 0.00 0.43 9.27 0.00 0.00 0.00
0.00 89.00
09:10:17 AM 13 8.05 0.00 3.83 2.68 0.00 2.61 0.00
0.00 82.83
09:10:17 AM 14 3.37 0.00 1.55 7.86 0.00 0.79 0.00
0.00 86.43
09:10:17 AM 15 6.85 0.00 3.27 2.39 0.00 2.12 0.00
0.00 85.36
09:10:17 AM 16 3.49 0.00 1.61 8.03 0.00 0.83 0.00
0.00 86.03
09:10:17 AM 17 1.78 0.00 0.20 3.02 0.00 0.12 0.00
0.00 94.87
09:10:17 AM 18 1.24 0.00 0.38 8.08 0.00 0.00 0.00
0.00 90.29
09:10:17 AM 19 4.86 0.00 2.17 2.64 0.00 1.51 0.00
0.00 88.82
09:10:17 AM 20 1.15 0.00 0.34 8.03 0.00 0.00 0.00
0.00 90.48
09:10:17 AM 21 5.07 0.00 2.27 2.26 0.00 1.57 0.00
0.00 88.83
09:10:17 AM 22 1.16 0.00 0.35 8.83 0.00 0.00 0.00
0.00 89.66
09:10:17 AM 23 1.75 0.00 0.16 1.75 0.00 0.00 0.00
0.00 96.34
These all appear to be idle. Why would it be a good thing to swap the
main Squid running state between CPU caches at peak load time?
That wastes time and cycles.
Squid is designed to take one CPU and use it to max capacity - the code
is not using that capacity very efficiently yet but we are working on
that (assistance welcome).
===========================
now i will try to migrate to squid 3.2 to the stable version ,
i had a look on
http://wiki.squid-cache.org/ConfigExamples/MultiCpuSystem
now if i use squid 3.2 stable , will it support smp feature of using
multiple cpu by default or i have compile it with smp enable ?
also ,
do i need more config to operate smp on it is configured by default ???
The default (at present) is that SMP support is built in when available
at build time but disabled in the default configuration.
You need to set a SMP worker count to enable it.
http://www.squid-cache.org/Doc/config/workers/
Note carefully the list of things on that SMP scaling wiki page whoch
are listed as *NOT* supporting SMP yet, and how to prepare your
configuration of them for SMP usage.
Amos
