[squid-users] Large Solaris (2.8) Squid Server Advice Needed

From: Vadim Pushkin <[email protected]>
Date: Mon, 07 Nov 2005 20:07:06 +0000

Hello;

I have searched the archives, but I was unable to find any recent answers.
I have a Sparc/Solaris 2.8 server which has the following:

Squid-2.5.STABLE11
Solaris 2.8 (w/4 CPU's)
4X Network ports (one listens on a switch for requests as well as
connections to the Internet, the other I wish to configure on a private VLAN
for ICP.)

64GB of space available for Squid use. (+ 1GB Swap)
1GB of memory available for Squid use.

I am not sure if I am using both my hardware resources and my squid.conf
properly, especially with regards to: cache_dir ufs /usr/squidcache 8192 16
256

I have attached both my /etc/system and my squid.conf at the end. I am
hoping that this thread helps both myself as well as others with similiar
concerns on large servers like mine.

Many apologies for such a long email, but I have done my best to be as
informative as possible.

Thank you very much for such a great software package, and many, many thanks
in advance for the assistance of all.

vp.

Vadim Anatoly Pushkin

/etc/system:
------------------
set msgsys:msginfo_msgmax=2048
set msgsys:msginfo_msgmnb=8192
set msgsys:msginfo_msgmni=40
set msgsys:msginfo_msgssz=64
set msgsys:msginfo_msgtql=2048

set shmsys:shminfo_shmmax=2097152
set shmsys:shminfo_shmmni=32
set shmsys:shminfo_shmseg=16

/usr/bin/squid/current/etc/squid.conf
---------------------------------------------------
http_port 8080

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?

no_cache deny QUERY

cache_dir ufs /usr/squidcache 8192 16 256

cache_access_log /usr/bin/squid/current/var/logs/access.log

cache_store_log /usr/bin/squid/current/var/logs/store.log

ftp_user ftp@

diskd_program /usr/bin/squid/current/libexec/diskd

request_body_max_size 50 MB

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

acl all src 192.9.65.0/255.255.255.0 192.9.64.0/255.255.255.0
acl all src 10.90.0.0-10.95.0.0/255.255.0.0
172.16.0.0-172.19.0.0/255.255.0.0 192.168.0.0/255.255.0.0
acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http

acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow all

http_reply_access allow all

cache_mgr squidmanager@vadim.org

cache_effective_user nobody

visible_hostname squidproxy-1

logfile_rotate 5

coredump_dir /usr/bin/squid/current/var/cache

cache_effective_group nobody
Received on Mon Nov 07 2005 - 13:07:08 MST

This archive was generated by hypermail pre-2.1.9 : Thu Dec 01 2005 - 12:00:09 MST