Re: [squid-users] Low memory usage

From: Guido Marino Lorenzutti <glorenzutti_at_jusbaires.gov.ar>
Date: Fri, 20 Jul 2012 11:05:39 -0300

This is my problem:

Storage Mem size: 365584 KB
Storage Mem capacity: 2.5% used, 97.5% free

Why only 2.5% of cache memory usage ...

and...

Storage Swap size: 24371196 KB
Storage Swap capacity: 85.0% used, 15.0% free

Marcus Kool <marcus.kool_at_urlfilterdb.com> escribió:

> And if you want Squid to respond fast to cache cleanups, change
>>> cache_swap_low 85
>>> cache_swap_high 95
> into
> cache_swap_low 94
> cache_swap_high 95
>
> Marcus
>
> On 07/20/2012 10:53 AM, Marcus Kool wrote:
>> If you have 14 GB physical memory, it is not recommended to set
>> cache_mem 14 GB.
>> See the FAQ for more details:
>> http://wiki.squid-cache.org/SquidFaq/SquidMemory
>>
>> Marcus
>>
>>
>> On 07/20/2012 10:17 AM, Guido Marino Lorenzutti wrote:
>>> Hi people!
>>> Im running 3.1.20 with ntlm and it works much better! I was using
>>> squid 2.7 and the ntlm was much slower.
>>>
>>> What I'm seeing strange is that the use of memory for cache is
>>> very low. Any suggestion to improve the use of my 14GB of ram ?
>>>
>>> This is my squid.conf:
>>>
>>> external_acl_type ldap_group ttl=1200 children=4 %LOGIN
>>> /usr/lib/squid3/squid_ldap_group -b "ou=Group,dc=SARASA,dc=COM" -f
>>> "(&(cn=%a)(memberuid=%v)(objectClass=posixgroup))" -h 100.0.0.1
>>> -v3 -S -P
>>>
>>> cache_dir aufs /var/spool/squid3 28000 16 256
>>>
>>> cache_mem 14 GB
>>>
>>> visible_hostname proxy.sarasa.com
>>>
>>> acl lan src 100.0.0.0/16
>>>
>>> auth_param ntlm children 100 startup=0 idle=1
>>> auth_param basic children 5 startup=0 idle=1
>>>
>>> refresh_pattern ^http://.*\.facebook.*/.* 720 100% 10080
>>> override-expire override-lastmod reload-into-ims
>>>
>>> http_port 3128
>>> log_fqdn off
>>> cache_store_log none
>>> cache_log /var/log/squid3/cache_log.log
>>> access_log /var/log/squid3/access.log
>>> emulate_httpd_log on
>>>
>>> log_mime_hdrs off
>>> nonhierarchical_direct off
>>> prefer_direct on
>>> strip_query_terms on
>>> httpd_suppress_version_string on
>>>
>>> auth_param ntlm program /usr/bin/ntlm_auth
>>> --helper-protocol=squid-2.5-ntlmssp --domain=SARASA
>>> auth_param ntlm keep_alive on
>>> authenticate_ttl 240 seconds
>>> authenticate_ip_ttl 10 minutes
>>> authenticate_cache_garbage_interval 2 hours
>>>
>>> auth_param basic program /usr/bin/ntlm_auth
>>> --helper-protocol=squid-2.5-basic --domain=SARASA
>>> auth_param basic realm Squid proxy-caching web server
>>> auth_param basic credentialsttl 2 hours
>>>
>>> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
>>> refresh_pattern . 0 20% 4320
>>>
>>> negative_ttl 5 minutes
>>> positive_dns_ttl 5 hours
>>> negative_dns_ttl 1 minutes
>>> half_closed_clients off
>>> connect_timeout 3 seconds
>>> cache_swap_low 85
>>> cache_swap_high 95
>>> maximum_object_size 800 MB
>>> maximum_object_size_in_memory 2 MB
>>> request_body_max_size 10 MB
>>> request_header_max_size 128 KB
>>> fqdncache_size 6144
>>> cache_replacement_policy heap lfuda
>>> memory_replacement_policy lru
>>> pipeline_prefetch off
>>> client_persistent_connections on
>>> server_persistent_connections on
>>>
>>> hierarchy_stoplist cgi-bin ?
>>> acl QUERY urlpath_regex cgi-bin \?
>>> no_cache deny QUERY
>>>
>>> acl all src all
>>>
>>> acl govar dstdomain "/etc/squid3/accepted.govar"
>>> acl nomsnurl dstdomain "/etc/squid3/nomsn"
>>> acl accepted_dominios dstdomain "/etc/squid3/accepted.dominios"
>>> acl accepted_ips dst "/etc/squid3/accepted.ips"
>>> acl accepted_urls url_regex -i "/etc/squid3/accepted.urls"
>>> acl activate_ms url_regex -i "/etc/squid3/activate.ms"
>>>
>>> acl denied_dominios dstdomain "/etc/squid3/denied.dominios"
>>> acl denied_dominios_para_todos dstdomain
>>> "/etc/squid3/denied.dominios.para.todos"
>>> acl denied_expresiones url_regex -i "/etc/squid3/denied.expresiones"
>>> acl denied_promos url_regex -i "/etc/squid3/block.ads"
>>> acl denied_archivos urlpath_regex -i "/etc/squid3/denied.archivos"
>>> acl denied_ips dst "/etc/squid3/denied.ips"
>>>
>>> acl manager proto cache_object
>>> acl localhost src 127.0.0.1
>>> acl SSL_MS_ports port 443 8443
>>> acl SSL_ports port 443 563 1863 6667 4430 8443
>>> acl Safe_ports port 21
>>> acl Safe_ports port 80
>>> acl Safe_ports port 443 563
>>> acl Safe_ports port 631
>>> acl Safe_ports port 3000
>>> acl Safe_ports port 8181
>>> acl Safe_ports port 1024
>>> acl Safe_ports port 8087
>>> acl Safe_ports port 2401
>>> acl Safe_ports port 9418
>>> acl Safe_ports port 14534
>>> acl Safe_ports port 873
>>> acl Safe_ports port 2095
>>> acl Safe_ports port 8080 2480 8443 8180 1741
>>> acl Safe_ports port 10080
>>>
>>> acl Full_ports port 8081
>>> acl Full_ports port 8180
>>> acl Full_ports port 8181
>>> acl Full_ports port 8090
>>> acl Full_ports port 10000
>>> acl Full_ports port 8383
>>> acl Full_ports port 2280
>>> acl Full_ports port 2288
>>> acl Full_ports port 21
>>> acl Full_ports port 20
>>> acl Full_ports port 5900
>>> acl Full_ports port 2082
>>> acl Full_ports port 19638
>>> acl Full_ports port 2082
>>> acl Full_ports port 2095
>>> acl Full_ports port 9001
>>> acl Full_ports port 8443
>>> acl Full_ports port 1741
>>>
>>> acl auth proxy_auth REQUIRED
>>> acl noinet external ldap_group noinet
>>> acl fullinet external ldap_group fullinet
>>> acl linuxadmin external ldap_group linuxadmin
>>> acl nomsn external ldap_group nomsn
>>> acl nofacebook external ldap_group nofacebook
>>> acl facebook_domain dstdomain .facebook.com
>>> acl teamviewer browser DynGate
>>> acl teamviewersite dstdomain .teamviewer.com
>>>
>>> acl CONNECT method CONNECT
>>> acl PURGE method PURGE
>>>
>>> acl java_jvm browser Java/1.3 Java/1.4 Java/1.5 Java/1.6
>>>
>>> http_access allow PURGE localhost
>>> http_access deny PURGE
>>> http_access allow manager localhost
>>> http_access deny manager
>>> http_access deny !Safe_ports
>>> http_access deny CONNECT !SSL_MS_ports
>>> http_access allow localhost
>>>
>>> http_access allow activate_ms
>>> http_access deny teamviewer
>>> http_access deny teamviewersite
>>>
>>> http_access deny denied_dominios_para_todos
>>> http_access allow fullinet lan
>>> http_access allow fullinet Full_ports
>>> http_access allow linuxadmin all
>>> http_access allow accepted_dominios
>>> http_access allow accepted_ips
>>> http_access allow accepted_urls
>>> http_access allow govar
>>> http_access allow java_jvm
>>> http_access deny noinet all
>>>
>>> http_access deny denied_ips
>>> http_access deny denied_archivos
>>> http_access deny denied_expresiones
>>> http_access deny denied_dominios
>>> http_access deny nomsn nomsnurl
>>> http_access deny nofacebook facebook_domain
>>>
>>> http_access allow auth lan
>>>
>>> http_access deny all
>>> icp_access deny all
>>>
>>> acl delayed_pages url_regex -i "/etc/squid3/delayed_pages"
>>> delay_pools 1
>>> delay_class 1 1
>>> delay_parameters 1 16000/32000
>>> delay_access 1 allow !linuxadmin delayed_pages
>>>
>>> acl snmppublic snmp_community public
>>> snmp_port 3401
>>> snmp_access allow snmppublic localhost
>>> snmp_access deny all
>>> snmp_incoming_address 0.0.0.0
>>> snmp_outgoing_address 255.255.255.255
>>>
>>>
>>> And... this is my squidclient mgr:info
>>>
>>> Connection information for squid:
>>> Number of clients accessing cache: 61
>>> Number of HTTP requests received: 2550426
>>> Number of ICP messages received: 0
>>> Number of ICP messages sent: 0
>>> Number of queued ICP replies: 0
>>> Number of HTCP messages received: 0
>>> Number of HTCP messages sent: 0
>>> Request failure ratio: 0.00
>>> Average HTTP requests per minute since start: 4041.7
>>> Average ICP messages per minute since start: 0.0
>>> Select loop called: 59882415 times, 0.632 ms avg
>>> Cache information for squid:
>>> Hits as % of all requests: 5min: 6.9%, 60min: 7.0%
>>> Hits as % of bytes sent: 5min: 63.4%, 60min: 58.5%
>>> Memory hits as % of hit requests: 5min: 8.0%, 60min: 15.8%
>>> Disk hits as % of hit requests: 5min: 21.3%, 60min: 31.3%
>>> Storage Swap size: 24371196 KB
>>> Storage Swap capacity: 85.0% used, 15.0% free
>>> Storage Mem size: 365584 KB
>>> Storage Mem capacity: 2.5% used, 97.5% free
>>> Mean Object Size: 25.85 KB
>>> Requests given to unlinkd: 0
>>> Median Service Times (seconds) 5 min 60 min:
>>> HTTP Requests (All): 0.00091 0.00091
>>> Cache Misses: 0.27332 0.32154
>>> Cache Hits: 0.00562 0.00562
>>> Near Hits: 0.03066 0.06286
>>> Not-Modified Replies: 0.00179 0.00286
>>> DNS Lookups: 0.14912 0.22276
>>> ICP Queries: 0.00000 0.00000
>>> Resource usage for squid:
>>> UP Time: 37862.000 seconds
>>> CPU Time: 5896.256 seconds
>>> CPU Usage: 15.57%
>>> CPU Usage, 5 minute avg: 46.89%
>>> CPU Usage, 60 minute avg: 48.09%
>>> Process Data Segment Size via sbrk(): 642400 KB
>>> Maximum Resident Size: 2564880 KB
>>> Page faults with physical i/o: 0
>>> Memory usage for squid via mallinfo():
>>> Total space in arena: 642532 KB
>>> Ordinary blocks: 640345 KB 481 blks
>>> Small blocks: 0 KB 0 blks
>>> Holding blocks: 37412 KB 11 blks
>>> Free Small blocks: 0 KB
>>> Free Ordinary blocks: 2186 KB
>>> Total in use: 677758 KB 100%
>>> Total free: 2186 KB 0%
>>> Total size: 679944 KB
>>> Memory accounted for:
>>> Total accounted: 555509 KB 82%
>>> memPool accounted: 555508 KB 82%
>>> memPool unaccounted: 124435 KB 18%
>>> memPoolAlloc calls: 554345828
>>> memPoolFree calls: 554714271
>>> File descriptor usage for squid:
>>> Maximum number of file descriptors: 65535
>>> Largest file desc currently in use: 1283
>>> Number of file desc currently in use: 933
>>> Files queued for open: 0
>>> Available number of file descriptors: 64602
>>> Reserved number of file descriptors: 100
>>> Store Disk files open: 0
>>> Internal Data Structures:
>>> 943411 StoreEntries
>>> 17758 StoreEntries with MemObjects
>>> 17733 Hot Object Cache Items
>>> 942951 on-disk objects
>>>
>>>
>>> Tnxs in advance.
>>>
>>>
>>>
>>
>>
>
Received on Fri Jul 20 2012 - 14:05:52 MDT

This archive was generated by hypermail 2.2.0 : Fri Jul 20 2012 - 12:00:01 MDT