Hi people!
Im running 3.1.20 with ntlm and it works much better! I was using
squid 2.7 and the ntlm was much slower.
What I'm seeing strange is that the use of memory for cache is very
low. Any suggestion to improve the use of my 14GB of ram ?
This is my squid.conf:
external_acl_type ldap_group ttl=1200 children=4 %LOGIN
/usr/lib/squid3/squid_ldap_group -b "ou=Group,dc=SARASA,dc=COM" -f
"(&(cn=%a)(memberuid=%v)(objectClass=posixgroup))" -h 100.0.0.1 -v3 -S
-P
cache_dir aufs /var/spool/squid3 28000 16 256
cache_mem 14 GB
visible_hostname proxy.sarasa.com
acl lan src 100.0.0.0/16
auth_param ntlm children 100 startup=0 idle=1
auth_param basic children 5 startup=0 idle=1
refresh_pattern ^http://.*\.facebook.*/.* 720 100% 10080
override-expire override-lastmod reload-into-ims
http_port 3128
log_fqdn off
cache_store_log none
cache_log /var/log/squid3/cache_log.log
access_log /var/log/squid3/access.log
emulate_httpd_log on
log_mime_hdrs off
nonhierarchical_direct off
prefer_direct on
strip_query_terms on
httpd_suppress_version_string on
auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp --domain=SARASA
auth_param ntlm keep_alive on
authenticate_ttl 240 seconds
authenticate_ip_ttl 10 minutes
authenticate_cache_garbage_interval 2 hours
auth_param basic program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-basic --domain=SARASA
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
negative_ttl 5 minutes
positive_dns_ttl 5 hours
negative_dns_ttl 1 minutes
half_closed_clients off
connect_timeout 3 seconds
cache_swap_low 85
cache_swap_high 95
maximum_object_size 800 MB
maximum_object_size_in_memory 2 MB
request_body_max_size 10 MB
request_header_max_size 128 KB
fqdncache_size 6144
cache_replacement_policy heap lfuda
memory_replacement_policy lru
pipeline_prefetch off
client_persistent_connections on
server_persistent_connections on
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
acl all src all
acl govar dstdomain "/etc/squid3/accepted.govar"
acl nomsnurl dstdomain "/etc/squid3/nomsn"
acl accepted_dominios dstdomain "/etc/squid3/accepted.dominios"
acl accepted_ips dst "/etc/squid3/accepted.ips"
acl accepted_urls url_regex -i "/etc/squid3/accepted.urls"
acl activate_ms url_regex -i "/etc/squid3/activate.ms"
acl denied_dominios dstdomain "/etc/squid3/denied.dominios"
acl denied_dominios_para_todos dstdomain
"/etc/squid3/denied.dominios.para.todos"
acl denied_expresiones url_regex -i "/etc/squid3/denied.expresiones"
acl denied_promos url_regex -i "/etc/squid3/block.ads"
acl denied_archivos urlpath_regex -i "/etc/squid3/denied.archivos"
acl denied_ips dst "/etc/squid3/denied.ips"
acl manager proto cache_object
acl localhost src 127.0.0.1
acl SSL_MS_ports port 443 8443
acl SSL_ports port 443 563 1863 6667 4430 8443
acl Safe_ports port 21
acl Safe_ports port 80
acl Safe_ports port 443 563
acl Safe_ports port 631
acl Safe_ports port 3000
acl Safe_ports port 8181
acl Safe_ports port 1024
acl Safe_ports port 8087
acl Safe_ports port 2401
acl Safe_ports port 9418
acl Safe_ports port 14534
acl Safe_ports port 873
acl Safe_ports port 2095
acl Safe_ports port 8080 2480 8443 8180 1741
acl Safe_ports port 10080
acl Full_ports port 8081
acl Full_ports port 8180
acl Full_ports port 8181
acl Full_ports port 8090
acl Full_ports port 10000
acl Full_ports port 8383
acl Full_ports port 2280
acl Full_ports port 2288
acl Full_ports port 21
acl Full_ports port 20
acl Full_ports port 5900
acl Full_ports port 2082
acl Full_ports port 19638
acl Full_ports port 2082
acl Full_ports port 2095
acl Full_ports port 9001
acl Full_ports port 8443
acl Full_ports port 1741
acl auth proxy_auth REQUIRED
acl noinet external ldap_group noinet
acl fullinet external ldap_group fullinet
acl linuxadmin external ldap_group linuxadmin
acl nomsn external ldap_group nomsn
acl nofacebook external ldap_group nofacebook
acl facebook_domain dstdomain .facebook.com
acl teamviewer browser DynGate
acl teamviewersite dstdomain .teamviewer.com
acl CONNECT method CONNECT
acl PURGE method PURGE
acl java_jvm browser Java/1.3 Java/1.4 Java/1.5 Java/1.6
http_access allow PURGE localhost
http_access deny PURGE
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_MS_ports
http_access allow localhost
http_access allow activate_ms
http_access deny teamviewer
http_access deny teamviewersite
http_access deny denied_dominios_para_todos
http_access allow fullinet lan
http_access allow fullinet Full_ports
http_access allow linuxadmin all
http_access allow accepted_dominios
http_access allow accepted_ips
http_access allow accepted_urls
http_access allow govar
http_access allow java_jvm
http_access deny noinet all
http_access deny denied_ips
http_access deny denied_archivos
http_access deny denied_expresiones
http_access deny denied_dominios
http_access deny nomsn nomsnurl
http_access deny nofacebook facebook_domain
http_access allow auth lan
http_access deny all
icp_access deny all
acl delayed_pages url_regex -i "/etc/squid3/delayed_pages"
delay_pools 1
delay_class 1 1
delay_parameters 1 16000/32000
delay_access 1 allow !linuxadmin delayed_pages
acl snmppublic snmp_community public
snmp_port 3401
snmp_access allow snmppublic localhost
snmp_access deny all
snmp_incoming_address 0.0.0.0
snmp_outgoing_address 255.255.255.255
And... this is my squidclient mgr:info
Connection information for squid:
Number of clients accessing cache: 61
Number of HTTP requests received: 2550426
Number of ICP messages received: 0
Number of ICP messages sent: 0
Number of queued ICP replies: 0
Number of HTCP messages received: 0
Number of HTCP messages sent: 0
Request failure ratio: 0.00
Average HTTP requests per minute since start: 4041.7
Average ICP messages per minute since start: 0.0
Select loop called: 59882415 times, 0.632 ms avg
Cache information for squid:
Hits as % of all requests: 5min: 6.9%, 60min: 7.0%
Hits as % of bytes sent: 5min: 63.4%, 60min: 58.5%
Memory hits as % of hit requests: 5min: 8.0%, 60min: 15.8%
Disk hits as % of hit requests: 5min: 21.3%, 60min: 31.3%
Storage Swap size: 24371196 KB
Storage Swap capacity: 85.0% used, 15.0% free
Storage Mem size: 365584 KB
Storage Mem capacity: 2.5% used, 97.5% free
Mean Object Size: 25.85 KB
Requests given to unlinkd: 0
Median Service Times (seconds) 5 min 60 min:
HTTP Requests (All): 0.00091 0.00091
Cache Misses: 0.27332 0.32154
Cache Hits: 0.00562 0.00562
Near Hits: 0.03066 0.06286
Not-Modified Replies: 0.00179 0.00286
DNS Lookups: 0.14912 0.22276
ICP Queries: 0.00000 0.00000
Resource usage for squid:
UP Time: 37862.000 seconds
CPU Time: 5896.256 seconds
CPU Usage: 15.57%
CPU Usage, 5 minute avg: 46.89%
CPU Usage, 60 minute avg: 48.09%
Process Data Segment Size via sbrk(): 642400 KB
Maximum Resident Size: 2564880 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
Total space in arena: 642532 KB
Ordinary blocks: 640345 KB 481 blks
Small blocks: 0 KB 0 blks
Holding blocks: 37412 KB 11 blks
Free Small blocks: 0 KB
Free Ordinary blocks: 2186 KB
Total in use: 677758 KB 100%
Total free: 2186 KB 0%
Total size: 679944 KB
Memory accounted for:
Total accounted: 555509 KB 82%
memPool accounted: 555508 KB 82%
memPool unaccounted: 124435 KB 18%
memPoolAlloc calls: 554345828
memPoolFree calls: 554714271
File descriptor usage for squid:
Maximum number of file descriptors: 65535
Largest file desc currently in use: 1283
Number of file desc currently in use: 933
Files queued for open: 0
Available number of file descriptors: 64602
Reserved number of file descriptors: 100
Store Disk files open: 0
Internal Data Structures:
943411 StoreEntries
17758 StoreEntries with MemObjects
17733 Hot Object Cache Items
942951 on-disk objects
Tnxs in advance.
Received on Fri Jul 20 2012 - 13:17:51 MDT
This archive was generated by hypermail 2.2.0 : Fri Jul 20 2012 - 12:00:01 MDT