RE: [squid-users] After Running Multiple Instances my Squid speed/response is extremely slow.

From: GIGO . <gigoz_at_msn.com>
Date: Thu, 25 Mar 2010 11:55:08 +0000

Please I want to add information for my previous query. My previous setup with single instance was running fine.Another change is that i compiled my new setup with more options this time like enabling delay pools , cache digest and active directory authentication support. Is the below issue in any way related to this as well. Please your support is required.

----------------------------------------
> From: gigoz_at_msn.com
> To: squid-users_at_squid-cache.org
> Date: Thu, 25 Mar 2010 11:31:01 +0000
> Subject: [squid-users] After Running Multiple Instances my Squid speed/response is extremely slow.
>
>
> DearAll,
>
> Please help me on this as after setting up multiple instances on the same server for (cache Directory fault tolerance myy squid speed/response is extremely slow and even most of the sites keep on opening and opening. I am failing to figure out whats wrong. Please guide me on this i am enclosing my configuration files for your reference.
>
>
>
> Instance 1 with which all the users are connected:
>
>
> visible_hostname squidLhr
> unique_hostname squidMainProcess
> pid_filename /var/run/squid3main.pid
> http_port 8080
> icp_port 0
> snmp_port 3161
> access_log /var/logs/access.log
> cache_log /var/logs/cache.log
> cache_effective_user proxy
> cache_peer 127.0.0.1 parent 3128 0 default no-digest no-query proxy-only no-delay
>
> #temporarily Directive
> never_direct allow all
>
> prefer_direct off
> cache_dir aufs /var/spool/squid3 10000 32 320
> coredump_dir /var/spool/squid3
> cache deny all
>
> acl localServers dst 10.0.0.0/8
> always_direct allow localservers
> cache deny LocalServers
> acl localhost src 127.0.0.1/32
> acl to_localhost dst 127.0.0.0/8
> http_access allow localhost
> acl FcUsr src "/etc/squid3/FcUsr.conf"
> acl PUsr src "/etc/squid3/PUsr.conf"
> acl RUsr src "/etc/squid3/RUsr.conf"
> acl BIP dst "/etc/squid3/Blocked.conf"
> acl CONNECT method CONNECT
> # Windows Update Section...
> acl windowsupdate dstdomain windowsupdate.microsoft.com
> acl windowsupdate dstdomain .update.microsoft.com
> acl windowsupdate dstdomain download.windowsupdate.com
> acl windowsupdate dstdomain redir.metaservices.microsoft.com
> acl windowsupdate dstdomain images.metaservices.microsoft.com
> acl windowsupdate dstdomain c.microsoft.com
> acl windowsupdate dstdomain www.download.windowsupdate.com
> acl windowsupdate dstdomain wustat.windows.com
> acl windowsupdate dstdomain crl.microsoft.com
> acl windowsupdate dstdomain sls.microsoft.com
> acl windowsupdate dstdomain productactivation.one.microsoft.com
> acl windowsupdate dstdomain ntservicepack.microsoft.com
> acl wuCONNECT dstdomain www.update.microsoft.com
> acl wuCONNECT dstdomain sls.microsoft.com
> http_access allow CONNECT wuCONNECT FcUsr
> http_access allow CONNECT wuCONNECT PUsr
> http_access allow CONNECT wuCONNECT RUsr
> http_access allow CONNECT wuCONNECT localhost
> http_access allow windowsupdate FcUsr
> http_access allow windowsupdate PUsr
> http_access allow windowsupdate RUsr
> http_access allow windowsupdate localhost
> #Defining & allowing ports section....
> acl SSL_ports port 443 #https
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> acl manager proto cache_object
> http_access allow manager localhost
> http_access deny manager
> acl workinghours time MTWHF 09:00-12:59
> acl workinghours time MTWHF 15:00-17:00
> ####----Definitions for BlockingRules----#####
> ###Definition of MP3/MPEG
> acl FTP proto FTP
> acl MP3url urlpath_regex \.mp3(\?.*)?$
> acl Movies rep_mime_type video/mpeg
> acl MP3s rep_mime_type audio/mpeg
>
> ###Definition of Flash Video
> acl deny_rep_mime_flashvideo rep_mime_type video/flv
> ###Definition of Porn
> acl Sex urlpath_regex sex
> acl PornSites url_regex "/etc/squid3/pornlist"
>
> ####Definition of YouTube.
> ## The videos come from several domains
> acl youtube_domains dstdomain .youtube.com .googlevideo.com .ytimg.com
> ###Definition of FaceBook
> acl facebook_sites dstdomain .facebook.com
>
> #### Definition of MSN Messenger
> acl msn urlpath_regex -i gateway.dll
> acl msnd dstdomain messenger.msn.com gateway.messenger.hotmail.com
> acl msn1 req_mime_type application/x-msn-messenger
>
> ####Definition of Skype
> acl numeric_IPs url_regex ^(([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)|(\[([0-9af]+)?:([0-9af:]+)?:([0-9af]+)?\])):443
> acl Skype_UA browser ^skype^
> ##Definition of Yahoo! Messenger
> acl ym dstdomain .messenger.yahoo.com .psq.yahoo.com
> acl ym dstdomain .us.il.yimg.com .msg.yahoo.com .pager.yahoo.com
> acl ym dstdomain .rareedge.com .ytunnelpro.com .chat.yahoo.com
> acl ym dstdomain .voice.yahoo.com
> acl ymregex url_regex yupdater.yim ymsgr myspaceim
> ## Other protocols Yahoo!Messenger uses ??
> acl ym dstdomain .skype.com .imvu.com
> ###Definition for Disallowing download of executables from web#####
> acl downloads url_regex "/etc/squid3/download.conf"
> ###Definiton of Torrentz####
> acl torrentSeeds urlpath_regex \.torrent(\?.*)?$
> ###Definition of Rapidshare###
> acl dlSites dstdomain .rapidshare.com .rapidsharemegaupload.com .filespump.com
> ###---------------------------------------------########
> http_access deny PornSites
> http_access deny Sex
> #http_access deny RUsr PornSites
> #http_access deny PUsr PornSites #deny everyone porn sites....
> #http_access deny RUsr Sex
> #http_access deny PUsr Sex
> http_access deny PUsr msnd
> http_access deny RUsr msnd
> http_access deny PUsr msn
> http_access deny RUsr msn
> http_access deny PUsr msn1
> http_access deny RUsr msn1
> http_access deny PUsr numeric_IPs
> http_access deny RUsr numeric_IPs
> http_access deny PUsr Skype_UA
> http_access deny RUsr Skype_UA
> http_access deny RUsr ym
> http_access deny PUsr ym
> http_access deny RUsr ymregex
> http_access deny PUsr ymregex
> #----Most Restricted settings Exclusive for Normal users......#
> http_reply_access deny Movies RUsr
> http_reply_access deny MP3s RUsr
> http_access deny RUsr FTP
> http_access deny RUsr MP3url
> http_reply_access deny deny_rep_mime_flashvideo RUsr
> http_access deny RUsr youtube_domains
> http_access deny RUsr facebook_sites
> http_access deny RUsr BIP
> http_access deny RUsr downloads
> http_access deny RUsr torrentSeeds
> http_access deny RUsr dlSites
> http_access allow PUsr !workinghours youtube_domains
> http_access allow PUsr !workinghours facebook_sites
> http_access allow PUsr !workinghours BIP
> http_access allow FcUsr
> http_access allow PUsr
> http_access allow RUsr
> http_access deny all
>
> Instance 2 which is utlizing Microsoft ISA Server for internet access:
>
> visible_hostname squidLhr
> unique_hostname squidCacheProcess
> pid_filename /var/run/squid3cache.pid
>
> # internet access is through ISA server(10.1.82.205)
>
> cache_peer 10.1.82.205 parent 8080 0 default no-digest no-query
> http_port 3128
> icp_port 0
> snmp_port 7172
> access_log /var/logs/access2.log
> cache_log /var/logs/cache2.log
>
> cache_effective_user proxy
> coredump_dir /cache01/var/spool/squid3
> cache_dir aufs /cache01/var/spool/squid3 50000 48 768
> cache_swap_low 75
> cache_mem 1000 MB
> range_offset_limit -1
> maximum_object_size 4096 MB
> #minimum_object_size 12 bytes
> quick_abort_min -1
> cache_replacement_policy lru
>
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
>
> #specific for youtube belowone....
> refresh_pattern (get_video\?|videoplayback\?|videodownload\?) 5259487 99999999% 5259487
> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
>
> #This directive forcing to go to origin servers itself and not use peer.in test environments you may have to disable this...
> #always_direct allow all
>
>
> acl localhost src 127.0.0.1/32
> acl to_localhost dst 127.0.0.0/8
> http_access allow localhost
> http_access deny all
>
>
>
> _________________________________________________________________
> Hotmail: Trusted email with Microsoft’s powerful SPAM protection.
> https://signup.live.com/signup.aspx?id=60969
_________________________________________________________________
Hotmail: Trusted email with powerful SPAM protection.
https://signup.live.com/signup.aspx?id=60969
Received on Thu Mar 25 2010 - 11:55:16 MDT

This archive was generated by hypermail 2.2.0 : Thu Mar 25 2010 - 12:00:07 MDT