Mmm I should have put the list in copy.
Anyways, as requested, a bit more details.
'Typical day' is around 8 hours (only one timezone) of worktime so
that'd be around 55 queries a sec on each machine. But obviously the
load is not equally spread over the day, so we get over 100 req/s at
peak hours on the local machines.
I'm gathering stats with a (very) basic parser of manager output and
injecting this in Cacti (http://www.cacti.net/) for (basic) performance
graphing.
Hardware details here : http://www.sun.com/servers/entry/v210/
Caches are at 40GB on each machine (2x20GB on different disks)
All systems running Solaris 8.
cache_swap_low and cache_swap_high are kept at the same value : 95%
otherwise the cleaning of the cache is too disruptive.
Got to use the sleep_after_fork parameter (set at 500 microseconds) for
starting the 30 ntlm_auth processes (queue gets as high as 17 sometimes,
AD's not performing so well..) and half as many squid_ldap_group.
Note that squid_ldap_group is only used in some acls, so it's not so
often started.
Otherwise, as we're running an independant namespace from internet, got
to avoid DNS resolving on the internal proxy for Internet addresses.
Basically, I'm not doing anything with destination ip based access lists.
ACLs are pretty long (several hundred lines) but mainly based on
dstdomain, so parsing is fast enough.
Hope this helps
François
> Hello,
>
> My company is now running a Squid internet access
> environment with NTLM authentication and
> squid_ldap_group for authorizations.
> We have around 15000 users on this infra.
> It's a two-layered infrastructure, with proxies in a
> firewall environment doing cache & anonymisation and
> proxies on the internal network doing client
> authentication and rules enforcement.
> We're running Squid 2.5-Stable12 and preparing the
> upgrade to Stable13.
>
> The users are spread on eight internal servers which
> use two DMZ proxies.
> All that runs on SUN V210 with 2GB of memory.
> CPU usage is around 30% on internal machines, 40% on
> DMZ machines.
>
> From calamaris (sum of all internal machines), in a
> typical day :
>
> Proxy statistics
> Total amount: requests 12804840
> Total amount cached: requests 7897308
> Request hit rate: % 61.67
> Total Bandwidth: Byte 47067M
> Bandwidth savings: Byte 8543M
>
> After a bit of tweaking (all of it documented either
> in MLs or FAQ) I haven't seen any major problem.
> I just have two machines whereon the process crashes
> occasionally, with a 'Bus error' message but it
> restarts spontaneously instantly. I'll try Squid-2.5
> Stable13 and a different compiler (using Sun studio
> now) before calling for help..
>
>
> Francois
>
>
>
Received on Mon May 08 2006 - 16:04:21 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT