[pfSense Support] squid clobbering performance
hi all, any reason (or what can i look at) to see why squid transparent proxying is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs, with proxy, dell.fr takes 20+ or more) running latest stable version in a vmware virtual machine with nice hardware. thanks mcq - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] squid clobbering performance
Simply bypass this website from squid..make your squid to do not cache any content of this site... On Thu, Oct 1, 2009 at 12:38 PM, mayak chunder-qwern ma...@australsat.comwrote: hi all, any reason (or what can i look at) to see why squid transparent proxying is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs, with proxy, dell.fr takes 20+ or more) running latest stable version in a vmware virtual machine with nice hardware. thanks mcq - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- Regards Abdulrehman
Re: [pfSense Support] squid clobbering performance
On Thu, Oct 1, 2009 at 17:38, mayak chunder-qwern ma...@australsat.com wrote: any reason (or what can i look at) to see why squid transparent proxying is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs, with proxy, dell.fr takes 20+ or more) Are you using Squid for caching? If you are your cache is most likely misconfigured. If you don't require caching turn it off and see how it behaves itself. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] squid clobbering performance
On Thu, 2009-10-01 at 10:33 +0100, Paul Mansfield wrote: On 01/10/09 08:38, mayak chunder-qwern wrote: hi all, any reason (or what can i look at) to see why squid transparent proxying is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs, with proxy, dell.fr takes 20+ or more) have you restricted the amount of memory squid can use? hi paul, hi morgan, i thought to cache corruption, so i killed squid, did a squid -z, squid -k reconfigure -- still no joy. un-installed squid, reinstalled, etc., and i still get enormous lag. below is config ... cheers mcq General Settings proxy interface: lan allow users on interface: checked transparent proxy: checked bypass for rfc 1918: no bypass source ips: no enable logging: no log store: /var/squid/log log rotate: empty proxy port: 3128 icp port: empty visible hostname: localhost admin mail: ad...@localhost lang: english disable x-forward: checked disable via: checked requests with whitespace: allow alternate dns: empty suppress version: checked custom options: empty Cache Management cache size 1500 cache fs: aufs cache loc: /var/squid/cache mem chache size: 64 minimum object: 1000 max object: 10 level 1 dirs: 16 mem replacement: Heap GDSF cache replacement: Heap LFUDA low water: 90 high water: 95 don't cache: empty enable offline: no - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] squid clobbering performance
I assume you're retyping the config rather than giving us grep -v ^# squid.conf you sure the cache size 1500 is 1500MB and not 1500KB? is it using sufficient disk space? if the disk cache is too small it'll be pointless having it. also, have you turned logging level up too far, if you log too much it can thrash a small system. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] squid clobbering performance
On Thu, 2009-10-01 at 14:02 +0100, Paul Mansfield wrote: I assume you're retyping the config rather than giving us grep -v ^# squid.conf you sure the cache size 1500 is 1500MB and not 1500KB? is it using sufficient disk space? if the disk cache is too small it'll be pointless having it. also, have you turned logging level up too far, if you log too much it can thrash a small system. grep -v ^# squid.conf doh!!! mcq here's the conf in its entirety http_port 172.16.32.254:3128 http_port 127.0.0.1:80 transparent icp_port 0 pid_filename /var/run/squid.pid cache_effective_user proxy cache_effective_group proxy error_directory /usr/local/etc/squid/errors/English icon_directory /usr/local/etc/squid/icons visible_hostname localhost cache_mgr ad...@localhost access_log /dev/null cache_log /var/squid/log/cache.log cache_store_log none shutdown_lifetime 3 seconds acl localnet src 172.16.32.0/255.255.255.0 forwarded_for off via off httpd_suppress_version_string on uri_whitespace allow cache_dir aufs /var/squid/cache 1500 16 256 cache_mem 64 MB maximum_object_size 100 KB minimum_object_size 100 KB cache_replacement_policy heap LFUDA memory_replacement_policy heap GDSF offline_mode off dns_children 32 cache_swap_low 90 cache_swap_high 95 acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 1025-65535 acl sslports port 443 563 acl manager proto cache_object acl purge method PURGE acl connect method CONNECT acl dynamic urlpath_regex cgi-bin \? cache deny dynamic http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !safeports http_access deny CONNECT !sslports http_access allow localhost request_body_max_size 0 KB reply_body_max_size 0 allow all delay_pools 1 delay_class 1 2 delay_parameters 1 -1/-1 -1/-1 delay_initial_bucket_level 100 delay_access 1 allow all http_access allow localnet http_access deny all - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] squid clobbering performance
mayak chunder-qwern wrote: hi all, any reason (or what can i look at) to see why squid transparent proxying is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs, with proxy, dell.fr takes 20+ or more) running latest stable version in a vmware virtual machine with nice hardware. Have you tried the suggestion listed here? http://doc.pfsense.org/index.php/Squid_Package_Tuning#Performance_Tweaks Jim - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] squid clobbering performance
On Thu, Oct 1, 2009 at 7:57 AM, Jim Pingle li...@pingle.org wrote: mayak chunder-qwern wrote: hi all, any reason (or what can i look at) to see why squid transparent proxying is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs, with proxy, dell.fr takes 20+ or more) My connection speed would undulate with squid until I followed the instructions in the last post here: http://forum.pfsense.org/index.php/topic,7186.msg59302.html#msg59302 Careful, the syntax is a little inconsistent in the post. Mine looks like this: # cat /boot/loader.conf autoboot_delay=1 vm.kmem_size=435544320 vm.kmem_size_max=535544320 console=comconsole #squid custom hint.apic.0.disabled=1 kern.ipc.nmbclusters=32768 kern.maxfiles=65536 kern.maxfilesperproc=32768 net.inet.ip.portrange.last=65535 and works great. My internet is a solid 5.5mbps as it should be, and I've seen downloads come out of cache at 30 mbps. db - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] squid clobbering performance [solved]
On Thu, 2009-10-01 at 08:18 -0600, David Burgess wrote: On Thu, Oct 1, 2009 at 7:57 AM, Jim Pingle li...@pingle.org wrote: mayak chunder-qwern wrote: hi all, any reason (or what can i look at) to see why squid transparent proxying is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs, with proxy, dell.fr takes 20+ or more) My connection speed would undulate with squid until I followed the instructions in the last post here: http://forum.pfsense.org/index.php/topic,7186.msg59302.html#msg59302 Careful, the syntax is a little inconsistent in the post. Mine looks like this: # cat /boot/loader.conf autoboot_delay=1 vm.kmem_size=435544320 vm.kmem_size_max=535544320 console=comconsole #squid custom hint.apic.0.disabled=1 kern.ipc.nmbclusters=32768 kern.maxfiles=65536 kern.maxfilesperproc=32768 net.inet.ip.portrange.last=65535 and works great. My internet is a solid 5.5mbps as it should be, and I've seen downloads come out of cache at 30 mbps. david, oh yea ... boom, boom, boom ... amazing difference. thanks a million mcq - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
