On Mon, 8 Mar 2010 11:38:02 -0600, Luis Daniel Lucio Quiroz
<luis.daniel.lucio_at_gmail.com> wrote:
> Le Dimanche 10 Mai 2009 03:01:14, Roland Roland a écrit :
>> Hi All,
>>
>> users on my network have been complaining of slow browsing sessions for
a
>> while now..
>> i'm trying to figure out ways to speed sessions up without necessarily
>> upgrading my current bandwidth plan...
>> i've thought about Squid, i've set it up on centOS and it's under
>> testing.
>> so my question is, an out of the box squid configuration would be
enough
>> to
>> speed things up with it's caching options? or is there specific config
to
>> do so.. ?
>>
>> PS: i've done the minimal following config so far:
>>
>> - added an ACL defining my trusted subnet
>> - allowed all access to this ACL
>>
>> i can browse the net and so on through squid, but am i actually
caching?
>> i
>> check the caching directory and i see it's growing in size (as minimal
as
>> one user could cause it to do so) but while using wireshark, i see that
>> for
>> each browsing session i retrieve all "Static" objects from the net! at
>> the
>> same time caching logs shows hit after another...
>> am at a loss..!
>>
>> is that normal ?! what did i do wrong ? why am I retrieving static
>> objects
>> times and times again off the internet instead of squid's caching
>> directory
>> ?
Check carefully what type of HIT they are. TCP_HIT is fetched only from
cache, the others involve network fetches of some kind. REFRESH and
UNMODIFIED are squid sending out an IMS (if-modified-sice) request to check
fro newer content. REFRESH is when there _is_ newer content received whole
and the server provides the entire object back. UNMODIFIED is when
unchanged and cache copy sent back to the client, but a network check and
very small data is still required to be done to indentify if that is
possible.
Also, check that your config does not include QUERY acl and "cache deny
QUERY". That prevents caching of any potentially dynamic content (even
though well designed sites permit caching of dynamic content).
The badly designed sites still require a refresh_pattern:
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
[placed just above the "refresh_pattern . " line]
>
> I'm also reviewn how to seepd up mandriva's squid. Here it is my
config.
> Any
> suggestion?
>
> ./configure --build=x86_64-mandriva-linux-gnu --prefix=/usr
> --exec-prefix=/usr --
> bindir=/usr/sbin --sbindir=/usr/sbin --sysconfdir=/etc/squid --
> datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --
> libexecdir=/usr/lib64/squid --localstatedir=/var
--sharedstatedir=/usr/com
> --
> mandir=/usr/share/man --infodir=/usr/share/info
--x-includes=/usr/include
> --x-
> libraries=/usr/lib64 --enable-shared=yes --enable-static=no
> --enable-xmalloc-
> statistics --enable-carp --enable-async-io --enable-
> storeio=aufs,diskd,null,ufs --enable-disk-
> io=AIO,Blocking,DiskDaemon,DiskThreads
--enable-removal-policies=heap,lru
> --
> enable-icmp --enable-delay-pools --disable-esi --enable-icap-client
> --enable-
> useragent-log --enable-referer-log --enable-wccp --enable-wccpv2
--disable-
> kill-parent-hack --enable-snmp --enable-cachemgr-hostname=localhost
> --enable-
> arp-acl --enable-htcp --enable-ssl --enable-forw-via-db
> --enable-cache-digests
> --disable-poll --enable-epoll --enable-linux-netfilter
> --disable-ident-lookups
> --enable-default-hostsfile=/etc/hosts
> --enable-auth=basic,digest,negotiate,ntlm
> --enable-basic-auth-helpers=getpwnam,LDAP,MSNT,multi-domain-
> NTLM,NCSA,PAM,SMB,YP,SASL,POP3,DB,squid_radius_auth --enable-ntlm-auth-
> helpers=fakeauth,no_check,SMB
> --enable-negotiate-auth-helpers=squid_kerb_auth
> --enable-digest-auth-helpers=password,ldap,eDirectory
> --enable-external-acl-
> helpers=ip_user,ldap_group,session,unix_group,wbinfo_group
--with-default-
> user=squid --with-pthreads --with-dl --with-openssl=/usr
> --with-large-files --
> with-build-environment=default --with-filedescriptors=8192
The referrer log, useragent log are mostly a waste. In the rare cases they
really are needed they can be replicated with logformat settings.
Speed in Squid is mostly driven by squid.conf and how much optimization we
have built into the code. The only configure settings that really affect
speed AFAIK are the disk IO methods (which you already have) and the select
loop methods, epoll and kqueue if available and working on your OS make
sure they are available as options. If they are available but not working
thats maybe a bug we need to look into.
The rest is up to the users configuration. For example admin with a
fixation on regex will immediately cut a large percentage off their speed.
Amos
Received on Tue Mar 09 2010 - 01:08:29 MST
This archive was generated by hypermail 2.2.0 : Tue Mar 09 2010 - 12:00:02 MST