Re: [squid-users] Squid on DualxQuad Core 8GB Rams - Optimization - Performance - Large Scale - IP Spoofing

From: Haytham KHOUJA \(devnull\) <[email protected]>
Date: Mon, 29 Oct 2007 17:59:44 +0200

Thought of sharing my new setup based on your help and some more
research and testing (Read the topic of this thread for my Hard Ware and
setup):

visible_hostname XXXXXXX
cache_mgr XXXXXXX
unique_hostname XXXXXXX
http_port 80 transparent tproxy
tcp_outgoing_address XXXXXXX
via off
forwarded_for off

cache_mem 3072 MB
snmp_port 3401
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir aufs /CACHE1 61440 16 256
cache_dir aufs /CACHE2 61440 16 256
cache_dir aufs /CACHE3 61440 16 256

logfile_rotate 24
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
fqdncache_size 51200
ipcache_size 51200
pipeline_prefetch on
shutdown_lifetime 1 second
read_ahead_gap 2 KB
maximum_object_size 720 MB
maximum_object_size_in_memory 128 KB
cache_swap_high 90
cache_swap_low 80
half_closed_clients off
quick_abort_min 0 KB
client_db off
buffered_logs on
positive_dns_ttl 24 hours
negative_dns_ttl 10 seconds
request_timeout 40 seconds
connect_timeout 40 seconds
pconn_timeout 40 seconds
#ie_refresh on
#dns_children 10
dns_nameservers XXXXXX XXXXXX
emulate_httpd_log off
log_ip_on_direct on
debug_options ALL, 5
pid_filename /var/run/squid.pid

in /etc/fstab
/dev/sdb1 /CACHE1 reiserfs notail,noatime 0 0
/dev/sdc1 /CACHE2 reiserfs notail,noatime 0 0
/dev/sdd1 /CACHE3 reiserfs notail,noatime 0 0

#!/bin/sh
iptables -t tproxy -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j
TPROXY --on-port 80
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 0 > /proc/sys/net/ipv4/tcp_ecn
echo 1 > /proc/sys/net/ipv4/tcp_low_latency
echo 1024 65535 > /proc/sys/net/ipv4/ip_local_port_range
echo 262144 > /proc/sys/net/core/rmem_default
echo 262144 > /proc/sys/net/core/rmem_max
echo 262144 > /proc/sys/net/core/wmem_default
echo 262144 > /proc/sys/net/core/wmem_max
echo 4096 87380 8388608 > /proc/sys/net/ipv4/tcp_rmem
echo 4096 87380 8388608 > /proc/sys/net/ipv4/tcp_wmem
echo 102400 > /proc/sys/net/ipv4/tcp_max_syn_backlog
echo 4000 > /proc/sys/net/core/netdev_max_backlog
echo 1000000 > /proc/sys/net/ipv4/ip_conntrack_max
echo 1000000 > /proc/sys/fs/file-max
ulimit -HSn 1000000
/etc/init.d/squid stop
/etc/init.d/squid start

Adrian Chadd wrote:
> On Mon, Oct 15, 2007, Tek Bahadur Limbu wrote:
>
>
>>> I've read almost every single thread on Optimizing Squid and Linux and
>>> want to share my setup with you.
>>> I do have some questions, clarifications and bugs but overall the
>>> performance is pretty impressive. (Yes, much better than the NetApps)
>>>
>> Great news to hear that Squid is beating NetCache!
>>
>
> Its not. Modern devices beat squid hands down.
>
>
>
>
> Adrian
>
>
Received on Mon Oct 29 2007 - 10:00:00 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:02 MDT