Re: [squid-users] Slow performance through Squid

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 12 Aug 2010 03:40:46 +0000

On Wed, 11 Aug 2010 17:41:04 -0500, Luis Daniel Lucio Quiroz
<luis.daniel.lucio_at_gmail.com> wrote:
> Le mercredi 11 août 2010 15:39:52, fRANz a écrit :
>> Hi,
>>
>> for personal use I've a Soekris net4801 board with OpenBSD and Squid
>> as firewall and proxy server.
>> Squid works in transparent mode on the same Soekris board, pf send to
>> it http traffic with an rdr rule:
>>
>> rdr pass inet proto tcp from $prv_ad to any port 80 \
>> -> 127.0.0.1 port 3128
>>
>> Without rdr rule (so without Squid), Speedtest reports 3.5Mbps as
>> download speed, when I enable rdr speed goes down to only 2.6Mbps.
>> How can I improve my Squid config to reach 3.5Mbps?!
>>
>> More details:
>> board: Soekris net4801
>> os: OpenBSD 4.6
>> squid: squid-2.7.STABLE6
>>
>> - squid config: -------------------------------------------------
>> http_port 127.0.0.1:3128 transparent
>> visible_hostname proxy.local.domain
>> cache_mgr root_at_local.domain

Sigh. So the remote admin who want to contact you about problems they
encounter coming out of your proxy are supposed to email root_at_local.domain
about the host at proxy.local.domain?. Very helpful :(

>>
>> acl CONNECT method CONNECT
>> acl all src 0.0.0.0/0.0.0.0
>> acl restr src 192.168.100.50 192.168.100.51 \
>> 192.168.100.52 192.168.100.53 192.168.100.54
>> acl tutto src 192.168.100.0/255.255.255.0

 acl all src all
 acl restr src 192.168.100.50-192.168.100.54
 acl tutto src 192.168.100.0/24

:)

>> acl localhost src 127.0.0.1
>> acl filetypes urlpath_regex -i "/etc/squid/extra/filetypes"
>> acl adservers dstdomain "/etc/squid/extra/adservers"
>> acl whitelist dstdomain "/etc/squid/extra/whitelist"
>> acl Skype_UA browser ^skype^
>>
>> cache deny all
>> http_access allow whitelist
>> http_access deny adservers
>> http_access allow CONNECT localhost Skype_UA
>> http_access allow tutto !restr
>> http_access deny restr filetypes
>> http_access allow restr
>> http_access deny all
>>
>> access_log syslog:daemon.info
>> emulate_httpd_log on

Um. Logging to syslog in apache format. Okay.

  access_log syslog:daemon.info common

>> cache_log /dev/null

Please at least start Squid with the command line options -s or -l which
will pipe the critical process errors into your syslog as well.

>> cache_store_log none
>>
---------------------------------------------------------------------------
>> -
>>
>> Let me know if futher information are required.
>> Thank you for any tips,
>> -f
> As far as i know soekris boxes, i also install linux on them, this
coould
> be
> because IO. Try disabling your cache_dir cache, only use memory cache.
> This
> should improve performance.

Particularly since you have "cache deny all" anyway. That change will make
the temporary holding objects not cycle through disk in transit only to be
deleted.

Amos
Received on Thu Aug 12 2010 - 03:40:49 MDT

This archive was generated by hypermail 2.2.0 : Thu Aug 12 2010 - 12:00:03 MDT