Thanks for reading my Email. I have two questions:
My first question is how many maximum concurrent connection and the maximum new connection of squid are. The second question is how to configure Squid can improve the maximum concurrent connection,maximum new connection and the performance . I used 3.5.27 version. My squid.conf is: acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # # Recommended minimum Access Permission configuration: # # Deny requests to certain unsafe ports http_access deny !Safe_ports # Deny CONNECT to other than secure SSL ports http_access deny CONNECT !SSL_ports # Only allow cachemgr access from localhost http_access allow localhost manager http_access deny manager # We strongly recommend the following be uncommented to protect innocent # web applications running on the proxy server who think the only # one who can access services on "localhost" is a local user http_access deny to_localhost # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # # Example rule allowing access from your local networks. # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed http_access allow localnet http_access allow localhost # And finally deny all other access to this proxy acl NCACHE method GET store_miss deny all via off # Squid normally listens to port 3128 http_port 3128 https_port 192.168.XX.XXX:3129 intercept ssl-bump connection-auth=off generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/myCA.pem key=/usr/local/squid/ssl_cert/myCA.pem options=NO_SSLv3,NO_SSLv2 acl ssl_step1 at_step SslBump1 acl ssl_step2 at_step SslBump2 acl ssl_step3 at_step SslBump3 ssl_bump peek ssl_step1 ssl_bump stare ssl_step2 ssl_bump bump ssl_step3 sslcrtd_program /usr/local/squid/libexec/ssl_crtd -s /usr/local/squid/lib/ssl_db -M 4MB sslcrtd_children 8 startup=1 idle=1 #Uncomment and adjust the following to add a disk cache directory. cache_dir ufs /usr/local/squid/var/cache/squid 4096 16 256 minimum_object_size 0 KB maximum_object_size 4096 KB maximum_object_size_in_memory 4096 KB ipcache_size 1024 MB ipcache_low 90 ipcache_high 95 fqdncache_size 1024 MB cache_mem 2048 MB cache_swap_low 90 cache_swap_high 95 # Leave coredumps in the first cache dir coredump_dir /usr/local/squid/var/cache/squid #icap icap_enable on icap_preview_enable on icap_preview_size 1024 icap_send_client_ip on adaptation_meta X-Client-Port "%>p" icap_206_enable on icap_persistent_connections off icap_service service_req reqmod_precache 0 icap://192.168.XX.XXX:1344/echo icap_service service_res respmod_precache 1 icap://192.168.XX.XXX:1344/echo adaptation_access service_res allow all adaptation_access service_req allow all # # Add any of your own refresh_pattern entries above these. # refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users