[squid-users] WCCP+ Squid Slowing internet browsing , how to improve it ?

From: Daniel EPEE LEA <[email protected]>
Date: Sat, 18 Mar 2006 13:24:38 -0800

Hi,

Squid-2.5-STABLE12 + ip_gre WCCP + RHEL v4 U2 + 4Gigs RAM + Cache
Dir to be 45 Gigs, but only 20Gigs now

I have a high volume network ( /19)
I had to increase the number of file descriptors and rebuild squid.
Now it works Ok,

But I notice a major slowness in browsing the internet. Plus site
with streaming media take too much time to load. From some parts of my
network, I get "Unable to reach Website answer"

This is my config,
---------------------------
iptables -nL -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- [MyNet]/19 ![MyNet]/19 tcp dpt:80 to:[Cache IP]:3128

-----------------------------------
http_port [Cache IP]:3128
icp_port 3130
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 256 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 8 KB
cache_dir ufs /usr/local/squid/var/cache 20240 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
mime_table /usr/local/squid/etc/mime.conf
pid_filename /var/run/squid.pid
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl myacl src [MyNET]
http_access allow myacl
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl our_networks src [MyNET]
http_access allow our_networks
http_access deny all
http_reply_access allow all
icp_access allow all
icp_access allow all
tcp_outgoing_address [CacheIP]
cache_mgr postmaster@domain.com
cache_effective_user squid
cache_effective_group squid
visible_hostname cache.domain.com
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
logfile_rotate 10
forwarded_for on
cachemgr_passwd *****************
snmp_port 3401
snmp_access deny all
wccp_router [Router IP]
wccp_version 4
wccp_outgoing_address [CacheIP]
coredump_dir /usr/local/squid/var/cache

How can i improve it ? so the all the serveices ate allowed without
restriction ?

Thanks for your answers

Much regards,

--------------------------
Dan
Received on Sat Mar 18 2006 - 14:24:41 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:04 MST