Re: [squid-users] transparency Squid very slow internet
Guillaume Chartrand wrote: Hi I run squid 2.6.STABLE12 on RHEL3 AS for web-caching and filtering my internet. I use also Squidguard to block some sites. I configure squid to run with WCCP v2 with my cisco router. So all my web-cache traffic is redirected transparently to squid. I don't know why but when I activate the squid it's really decrease my internet speed. It's long to have page loaded, even when it's in my network. I look with the command top and the squid process run only about 2-3 % of CPU and 15% of Memory. I also run iftop and I have about 15 Mb/s Total on my ethernet interface. I don't know where to look in the config to increase the speed. I use about 50% of disk space so it's not so bad Another possible issue is that squid is having to wait on a slow DNS server. Take a look at the mgr:info report: $ /usr/sbin/squidclient mgr:info And look at Median Service Times section. In our case, DNS lookups were in the 5+ second range, due to the primary DNS server being broken. So squid was asking the primary DNS server, waiting 5 seconds, then asking the backup DNS server. A normal squid server will be servicing all requests in under 1 second (depending on your load).
RE: [squid-users] transparency Squid very slow internet
I don't think it's the problem when I see the results Median Service Times (seconds) 5 min60 min: HTTP Requests (All): 0.05046 0.05331 Cache Misses: 0.05046 0.05331 Cache Hits:0.0 0.0 Near Hits: 0.0 0.0 Not-Modified Replies: 0.0 0.0 DNS Lookups: 0.00094 0.00094 ICP Queries: 0.0 0.0 And for the answer by Amos Jeffries It's usually regex ACL at fault when speed drops noticably. Check that: * ACL are only regex when absoutely necessary (dstdomain, srcdomain, dst, src are all better in most uses). ie acl searchengines dstdomain google.com yahoo.com * limiting regex ACL to only be tested when needed (placing a src netblock ACL ahead of one on the http_access will speed up all requests outside that netblockk). ie http_access allow dodgy_users pornregexes I have just dstdomain, src, dst in my acl. The only acl conatins regex is that line acl msnmessenger url_regex -i gateway.dll Thanks Guillaume Chartrand Technicien informatique Cégep régional de Lanaudière Centre administratif, Repentigny (450) 470-0911 poste 7218 -Message d'origine- De : Thomas Harold [mailto:[EMAIL PROTECTED] Envoyé : 7 mars 2008 11:38 À : Guillaume Chartrand Cc : squid-users@squid-cache.org Objet : Re: [squid-users] transparency Squid very slow internet Guillaume Chartrand wrote: Hi I run squid 2.6.STABLE12 on RHEL3 AS for web-caching and filtering my internet. I use also Squidguard to block some sites. I configure squid to run with WCCP v2 with my cisco router. So all my web-cache traffic is redirected transparently to squid. I don't know why but when I activate the squid it's really decrease my internet speed. It's long to have page loaded, even when it's in my network. I look with the command top and the squid process run only about 2-3 % of CPU and 15% of Memory. I also run iftop and I have about 15 Mb/s Total on my ethernet interface. I don't know where to look in the config to increase the speed. I use about 50% of disk space so it's not so bad Another possible issue is that squid is having to wait on a slow DNS server. Take a look at the mgr:info report: $ /usr/sbin/squidclient mgr:info And look at Median Service Times section. In our case, DNS lookups were in the 5+ second range, due to the primary DNS server being broken. So squid was asking the primary DNS server, waiting 5 seconds, then asking the backup DNS server. A normal squid server will be servicing all requests in under 1 second (depending on your load).
Re: [squid-users] transparency Squid very slow internet
Guillaume Chartrand wrote: Hi I run squid 2.6.STABLE12 on RHEL3 AS for web-caching and filtering my internet. I use also Squidguard to block some sites. I configure squid to run with WCCP v2 with my cisco router. So all my web-cache traffic is redirected transparently to squid. I don't know why but when I activate the squid it's really decrease my internet speed. It's long to have page loaded, even when it's in my network. I look with the command top and the squid process run only about 2-3 % of CPU and 15% of Memory. I also run iftop and I have about 15 Mb/s Total on my ethernet interface. I don't know where to look in the config to increase the speed. I use about 50% of disk space so it's not so bad Thanks for the help It's usually regex ACL at fault when speed drops noticably. Check that: * ACL are only regex when absoutely necessary (dstdomain, srcdomain, dst, src are all better in most uses). ie acl searchengines dstdomain google.com yahoo.com * limiting regex ACL to only be tested when needed (placing a src netblock ACL ahead of one on the http_access will speed up all requests outside that netblockk). ie http_access allow dodgy_users pornregexes Amos -- Please use Squid 2.6STABLE17+ or 3.0STABLE1+ There are serious security advisories out on all earlier releases.
