Re: [squid-users] How to configure Squid can improve the performance ？

On 11/04/18 13:48, 赵 俊 wrote: > Thanks for reading my Email. > > I have two questions: > > My first question is how many maximum concurrent connection and the > maximum new connection of squid are. > There are 64K ports on an IP address. Your Squid and machine also has a filedescriptors (FDs)

[squid-users] How to configure Squid can improve the performance ？

Thanks for reading my Email. I have two questions: My first question is how many maximum concurrent connection and the maximum new connection of squid are. The second question is how to configure Squid can improve the maximum concurrent connection,maximum new connection and the performance .

Re: [squid-users] Squid is very slow after moving to production environment

On 11/04/18 07:10, Roberto Carna wrote: > Thanks to everybody... > > I've reviewed what you tell me. I've executed "squid -k parse" and > everything is ok, and I've restarted de Squid entire server. > > When I use the server with IP#1, it works OK, is fastbut when I > change its IP to IP#2 (t

Re: [squid-users] Secure Web Proxy Stress Testing

Thank you for the clarification. On Tue, Apr 10, 2018, 21:11 Alex Rousskov wrote: > On 04/10/2018 11:24 AM, Panagiotis Bariamis wrote: > > Thank you for your answer but as far as I can understand this setup is > > for a regular proxy that just proxies https protocol with http connect > > header

Re: [squid-users] Squid is very slow after moving to production environment

Thanks to everybody... I've reviewed what you tell me. I've executed "squid -k parse" and everything is ok, and I've restarted de Squid entire server. When I use the server with IP#1, it works OK, is fastbut when I change its IP to IP#2 (the IP from the current Squid that I want to replace),

Re: [squid-users] Squid is very slow after moving to production environment

hi also lower maximum_object_size_in_memory 4096 KB to maximum_object_size_in_memory 1 MB higher not wise - ** * Crash to the future ** -- Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html _

Re: [squid-users] Secure Web Proxy Stress Testing

On 04/10/2018 11:24 AM, Panagiotis Bariamis wrote: > Thank you for your answer  but as far as I can understand this setup is > for a regular proxy that just proxies https protocol with http connect > headers (unencrypted traffic between client and proxy on http connect > request ) . Your understan

Re: [squid-users] Secure Web Proxy Stress Testing

Thank you for your answer but as far as I can understand this setup is for a regular proxy that just proxies https protocol with http connect headers (unencrypted traffic between client and proxy on http connect request ) . Secure web proxy encrypts traffic between client and proxy meaning that yo

Re: [squid-users] Ideas for better caching these popular urls

Hey Omid, From what I remember the basics of math to verify the patter of a specific set of numbers have some kind of pattern is to have at-least 3 items. But in the cryptography world it another story. I have not researched playstation downloads and will probably won't do that. Others might offe

Re: [squid-users] Proxy through another proxy possible?

On 09/04/18 01:06, xpro wrote: > Thank you. I did get it to work with snippet below > > cache_peer myproxy.com parent 3114 0 no-query default > never_direct allow all > > > can you tell me how I can assign different ports to different outgoing > proxies? > What do you mean by assign ports? Am

Re: [squid-users] Squid is very slow after moving to production environment

Well about Cloned VM's acting slower than the original... I clearly tested it more then once and it's not true and it's a myth. The only issue I have seen with such cloned systems(I have a very large cluster of cloned squid instances) is when the admin over-commit the physical machine. There is an

Re: [squid-users] Proxy through another proxy possible?

Hey, If the snipper works for you then you should be able to use a simple ACL that will pass all traffic of a certain http_port to a specific proxy. However depends on the scenario there are couple things to consider in terms performance of this system. All The Bests, Eliezer Eliezer Croi

Re: [squid-users] Squid is very slow after moving to production environment

On 09.04.18 16:53, Roberto Carna wrote: Dear Periko, so here is what you ask to me: CPU x 8 RAM x 12 GB HD x 50 GB And this is /etc/squid/squid.conf file: cache_mem 4096 MB what is squid's real memory usage? It can be much much more than 4G, 4G is only cache, but squid also uses buffers an

Re: [squid-users] Squid ipcache and DNS TTL smaller than 60 seconds

On 04/10/2018 09:19 AM, Amos Jeffries wrote: > Consider, what would you expect to happen when DNS RRset changes > _multiple_ times within the same TTL that TCP uses for a SYN-ACK timeout > and retry? I would expect that nothing special happens to a good implementation: The TCP client would not no

Re: [squid-users] Squid is very slow after moving to production environment

On 10/04/18 07:58, Roberto Carna wrote: Dear Antony, both proxies are virtual machines in the same DMZthey use the same DNS, the same firewall, the same Internet link, the same IP but different MAC Address. On 10.04.18 22:09, Amos Jeffries wrote: FYI: there were issues some years back with

Re: [squid-users] https proxy authentication

On 11/04/18 02:07, Adam Weremczuk wrote: > Hi Amos, > > > On 30/03/18 02:44, Amos Jeffries wrote: >> So, the big question is why you have this setup of Apache being a >> reverse-proxy for a Squid forward-proxy? >> >> Forward-proxy are supposed to be between clients and reverse-proxies or >> origi

Re: [squid-users] Squid ipcache and DNS TTL smaller than 60 seconds

On 11/04/18 02:14, Peter Viskup wrote: > Squid use TTL of 60 seconds for DNS resource records with TTL smaller > than that value. > > Some sites can have DNS TTL set to lower value due to high availability > design (DNS load balancer). > > In RFCs [1][2][3] it is explained the received TTL can b

Re: [squid-users] Secure Web Proxy Stress Testing

On 04/10/2018 06:31 AM, Panagiotis Bariamis wrote: > Is there any stress testing tool to test with a load of 1k to 5k > simultaneous connections ? Web Polygraph (www.web-polygraph.org) supports HTTPS proxies and can create thousands of concurrent connections. Below is a PGL configuration snippet f

[squid-users] Squid ipcache and DNS TTL smaller than 60 seconds

Squid use TTL of 60 seconds for DNS resource records with TTL smaller than that value. Some sites can have DNS TTL set to lower value due to high availability design (DNS load balancer). In RFCs [1][2][3] it is explained the received TTL can be lowered to the upper bound TTL value of DNS cache, b

Re: [squid-users] https proxy authentication

Hi Amos, On 30/03/18 02:44, Amos Jeffries wrote: So, the big question is why you have this setup of Apache being a reverse-proxy for a Squid forward-proxy? Forward-proxy are supposed to be between clients and reverse-proxies or origins. Not the other way around. This is a set up I inherited w

[squid-users] Secure Web Proxy Stress Testing

Hello , I am trying to stress test a squid proxy (Secure Web Proxy , meaning that client to proxy connection is encrypted ) . I tried with Jmeter but it does not support Secure Web Proxy . To make thing clear I use squid with option https_port and clients get the config from a pac file that states

Re: [squid-users] Ideas for better caching these popular urls

Thanks for reply . I assumed the community at different scales from little isp to large ISPs may have common domains like those i highlighted so they may have same issue as mine . So i ignored common parts . One of problems with redbot is it shows timeout for big files like http://gs2.ww.prod.

Re: [squid-users] Squid4 ICAP connection handling

On Mon, Apr 9, 2018 at 4:43 PM, Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 04/09/2018 06:03 AM, Peter Viskup wrote: >> Running Squid 4.0.23 the ICAP connections getting "frozen". >> >> proxy:~ $ netstat -ntpa| grep 40620 >> tcp 920144 0 127.0.0.1:40620 127.0.0.1:13

Re: [squid-users] Ideas for better caching these popular urls

On 10/04/18 22:32, Omid Kosari wrote: > Hello, > > squid-top-domains.JPG > > > > This image shows stats from one of my squid boxes . I have question about > highlighted ones . I think they should have better

[squid-users] Ideas for better caching these popular urls

Hello, squid-top-domains.JPG This image shows stats from one of my squid boxes . I have question about highlighted ones . I think they should have better hit ratio because they are popular between clients .

Re: [squid-users] Squid is very slow after moving to production environment

On 10/04/18 07:58, Roberto Carna wrote: > Dear Antony, both proxies are virtual machines in the same DMZthey > use the same DNS, the same firewall, the same Internet link, the same > IP but different MAC Address. FYI: there were issues some years back with VMs that were cloned operating VERY

Re: [squid-users] How to configure Icap can improve the performance of proxy?

On 10/04/18 18:11, 赵 俊 wrote: > My Squid  with configuration of Icap like this: > > >  #icap > icap_enable on > icap_preview_enable on > icap_preview_size 1024 > icap_send_client_ip on > adaptation_meta X-Client-Port "%>p" > icap_206_enable on > icap_persistent_connections off > > > icap_servic

Re: [squid-users] Proxy through another proxy possible?

On 10/04/18 13:30, Eliezer Croitoru wrote: > Hey Amos, > > Would a PROXY protocol based "router" or "load balancer" be fine also? Anything that acts like a S-NAT would do. Amos ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists

Re: [squid-users] squid-users Digest, Vol 44, Issue 8

On 09/04/18 00:48, kalice caprice wrote: >> 1) It is only possible to set an IPv6 outgoing when the server being >> connected to is an IPv6 server address. > > It doesn't matter for me, It is just a way to get a different outbound > IPv6 address depending on which port the connection is made to, a