On 17/05/24 02:23, Bolinhas André wrote:
Hi Alex
Has I explain, by default I set those directives to off to avoid high
cpu consumption.
Ah, actually with NTLM auth you are using *more* CPU per transaction
with those turned off.
The thing is that auth takes a relatively long time to happen, so the
transactions are slower. Hiding the fact that they are, in total, using
more CPU and TCP networking resources.
My doubt is enabling persistent connection will help squid to process
the request more efficiently and gain more performance or not.
With persistent connections disabled, every client request must:
1) wait for a TCP socket to become free for use
2) perform a full SYN / SYN+ACK exchange to open it for use
3) perform a NTLM challenge-response over HTTP
4) wait for a second TCP socket to become free for use
5) perform a full SYN / SYN+ACK exchange to open it for use
6) perform the actual HTTP NTLM authenticated transaction.
Then
7) locate a server that can be used
8) wait for a TCP socket to become free for use
9) perform a full SYN / SYN+ACK exchange to open it for use
10) send the request on to the found server
That is a LOT of time, CPU, and networking.
With persistent connections enabled, only the first request looks like
above. The second, third etc look like below:
11) perform the HTTP NTLM authenticated transaction.
Then
12) locate a server that can be used
13) send the request on to the found server
14) perform the HTTP NTLM authenticated transaction.
Then
15) locate a server that can be used
16) send the request on to the found server
That is MUCH better for performance.
HTH
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.squid-cache.org/listinfo/squid-users
