Hi,
Some updates on squid tuning (compilation) are below.
Squid supports a custom malloc called dmalloc which is more efficient than
system malloc but dmalloc is not thread safe. On the other hand,
a performance improvement could be made with enabling async-io which uses
threads for FD handling. These options are mutually incompatible. Another
option that is incompatible with async-io but may give a benefit is to
enable truncate instead of unlink.
The howtos on optimizing squid uses async-io almost all the time so I am
including async-io in the options in sfw. But there is also caution that
on very lightly loaded caches, async-io may slightly slowdown the cache.
The most often recommended options for squid compilation (along with
some that is added for performance benefit)
============================================
Options for SUNWsquid:
============================================
--enable-async-io (Enable async IO with threads - reasoning above.)
--enable-carp
--enable-htcp
--enable-cache-digests
--enable-large-cache-files
--disable-ident-lookups (slight optimization from removing ident)
--enable-time-hack (gettimeofday is used frequently for timestamps. this option
makes the granularity 1 second (avoiding the multiple
sys-calls) giving a slight boost.) -- this is not shown in
--configure --help. but is available.
--enable-storeio="diskd,ufs,aufs,coss" Diskd is a faster cached.
(http://wiki.squid-cache.org/SquidFaq/DiskDaemon)
and coss performs fastest for small objects (single file
cache)
(http://wiki.squid-cache.org/SquidFaq/CyclicObjectStorageSystem)
both works in conjunction with others.
============================================
Options Reference:
(explanations on options that could be dug up)
============================================
--enable-dlmalloc[=LIB] use dmallco package. Dmalloc is a fast allocator.
--enable-gnuregex Solaris regex is not broken, so this is not needed.
--enable-carp Enable CARP support
--enable-async-io[=N] => (implies)
--with-pthreads
--enable-storeio=ufs,aufs
--with-aufs-threads=[N]
Tune the number of worker threads for the aufs
object
store.
--with-aio Use POSIX AIO
--with-dl Use dynamic linking
--enable-storeio="aufs coss diskd ufs null"
Build support for the list of store I/O modules.
The default is only to build the ufs module.
--enable-removal-policies="heap lru"
Build support for the list of removal policies.
The default is only to build the lru module.
--enable-icmp Enable ICMP pinging (keep track of gateways)
--enable-delay-pools Enable delay pools to limit bandwidth usage
--enable-useragent-log Enable logging of User-Agent header
--enable-referer-log Enable logging of Referer header
--disable-wccp Disable Web Cache Coordination Protocol
--enable-snmp Enable SNMP monitoring
--enable-arp-acl Enable use of ARP ACL lists (ether address)
--enable-htcp Enable HTCP protocol
--enable-ssl Enable ssl gatewaying support using OpenSSL
--with-openssl[=P] Compile with the OpenSSL libraries.
--enable-forw-via-db Enable Forw/Via database (Keep track of origin req
hosts)
--enable-cache-digests Use Cache Digests (ICP+data)
--enable-default-err-language=lang
Select default language for Error pages
--with-coss-membuf-size COSS membuf size (default 1048576 bytes)
--disable-http-violations
This allows you to remove code which is known to
violate the HTTP protocol specification.
--enable-ipf-transparent
Enable Transparent Proxy support for systems
using IP-Filter network address redirection.
--enable-pf-transparent
Enable Transparent Proxy support for systems
using PF network address redirection.
--with-large-files Enable support for large files (logs etc).
--enable-large-cache-files
Enable support for large cache files (>2GB).
WARNING: on-disk cache format is changed by this
option
--disable-ident-lookups This allows you to remove code that performs
Ident (RFC 931) lookups.
--disable-internal-dns This prevents Squid from directly sending and
receiving DNS messages, and instead enables the
old external 'dnsserver' processes.
--enable-truncate This uses truncate() instead of unlink() when
removing cache files. Truncate gives a little
performance improvement, but may cause problems
when used with async I/O. Truncate uses more
filesystem inodes than unlink..
--disable-hostname-checks
Squid by default rejects any host names with
odd characters in their name to conform with
internet standards. If you disagree with this
you may use this switch to turn off any such
checks, provided that the resolver used by
Squid does not reject such host names.. This
may be required to participate in testbeds for
international domain names.
--enable-underscores Squid by default rejects any host names with _
in their name to conform with internet standards.
If you disagree with this you may allow _ in
hostnames by using this switch, provided that
the resolver library on the host where Squid runs
does not reject _ in hostnames...
--enable-auth="basic diget ntlm"
Build support for the list of authentication schemes.
--enable-basic-auth-helpers="PAM SMB NCSA SASL YP getpwnam winbind
multi-domain-NTLM"
--enable-ntlm-auth-helpers="SMB fakeauth nocheck winbind"
--enable-digest-auth-helpers="password"
--enable-ntlm-fail-open Enable NTLM fail open, where a helper that fails one
of the
Authentication steps can allow squid to still
authenticate
the user.
--enable-external-acl-helpers="ip_user ldap_grup unix_group wbinfo_group
winbind_group"
--disable-unlinkd Do not use unlinkd
--enable-x-accelerator-vary
Enable support for the X-Accelerator-Vary
HTTP header. Can be used to indicate
variance within an accelerator setup.
Typically used together with other code
that adds custom HTTP headers to the requests.
--with-maxfd=N Override maximum number of file descriptors. Useful
if you build as another user who is not privileged
to use the number of file descriptors you want the
resulting binary to support
--enable-time-hack Update the timestamp only once per second.
Normally gettimeofday is called multiple times
during request processing, this option reduces
it to once per second (the catch is that
timestamp granularity reduces to second)
rahul
--
1. e4 _
