Hi guys ,
Hi all .
i need best practise for squid version and recommended config for rock store
and filesystem/mounting that give me maximum bandwith saving ?
i tried the last version of 3.head , but it hanged after 10 minutes of
working !!
for now , im using 3.4.7 and its stable , and I have 20 G rams and want to
save bandwitsh based on rams then I will use rock.
But before all of that I want to make sure large rock is working fine and
make sure that shafed memory & rock is not limited to 32 kb before I go
ahead.
For now I will post my squid.conf file and want help the best optimization
for squid.conf to save more bandwidth as it can:
Here is my config:
=======================
[root@squidsmp ~]# squid -v
Squid Cache: Version 3.4.7
configure options: '--build=i486-linux-gnu' '--prefix=/usr'
'--includedir=/include' '--mandir=/share/man' '--infodir=/share/info'
'--sysconfdir=/etc' '--enable-cachemgr-hostname=drx' '--localstatedir=/var'
'--libexecdir=/lib/squid' '--disable-maintainer-mode'
'--disable-dependency-tracking' '--disable-silent-rules' '--srcdir=.'
'--datadir=/usr/share/squid' '--sysconfdir=/etc/squid'
'--mandir=/usr/share/man' '--enable-inline' '--enable-async-io=8'
'--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap'
'--enable-delay-pools' '--enable-cache-digests' '--enable-underscores'
'--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth'
'--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam
,squid_radius_auth,multi-domain-NTLM' '--enable-ntlm-auth-helpers=smb_lm'
'--enable-digest-auth-helpers=ldap,password'
'--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-arp-acl'
'--enable-esi' '--disable-translation' '--with-logdir=/var/log/squid'
'--with-pidfile=/var/run/squid.pid' '--with-filedescriptors=131072'
'--with-large-files' '--with-default-user=squid' '--enable-linux-netfilter'
'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -g -Wall -O2' 'LDFLAGS='
'CPPFLAGS=' 'CXXFLAGS=-g -O2 -g -Wall -O2' '--enable-ltdl-convenience'
[root@squidsmp ~]# uname -a
Linux squidsmp 3.7.5 #1 SMP Mon Sep 15 07:04:35 EDT 2014 x86_64 x86_64
x86_64 GNU/Linux
[root@squidsmp ~]# cat /etc/squid/squid.conf
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged)
machines
acl mysubnet src xxxxxx
acl xxx src xxx
acl localip src xxx
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
######################################################
##############################################################
http_access allow xxx
http_access allow manager xx
http_access deny !Safe_ports
http_access allow localnet
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
#######################################################
###########SMP oPTIONS#####################
dns_v4_first on
# 3 workers, using worker #1 as the frontend is important
workers 2
#three workers
########################################################
#cpu_affinity_map process_numbers=1,2,3,4 cores=2,4,6,8
#http_port 127.0.0.1:400${process_number}
#http_port ::1:66000
#########################################
visible_hostname netstream.ps
####################################################
####Filterring##############
acl blockkeywords dstdomain "/etc/squid/koko.acl"
http_access deny blockkeywords
#################################################
##Regix filtering##########
acl xacl dstdom_regex "/etc/squid/squid-regex.acl"
http_access deny xacl
##############################
cache_log /var/log/squid/cache.log
#access_log stdio:/var/log/squid/access.log
access_log /var/log/squid/access.log
###############################################
http_port xxx:65000
http_port xxxx:3129 tproxy
############################################################################
http_access allow mysubnet
############################################################################
################
cache_mgr a@a
cachemgr_passwd a all
#######################################################
# add user authentication and similar options here
http_access allow manager localhost
http_access allow manager localip
http_access allow manager mysubnet
http_access allow mysubnet manager
http_access deny manager
#######################################################################
cache_mem 20000 MB
# ^^ per process mem size.
maximum_object_size 20 MB
maximum_object_size_in_memory 20 MB
##################################################
# the frontend requires a different name to the backend
#######################################################################
cache_swap_low 90
cache_swap_high 95
###########################################################
#########################################################
quick_abort_pct 95
fqdncache_size 65535
ipcache_size 65535
###########################################################
ipcache_low 98
ipcache_high 99
#####################################################
########### WCCP2 Config#############
wccp2_router xxx.x.x.
wccp2_rebuild_wait off
wccp_version 2
wccp2_forwarding_method 2
wccp2_return_method 2
wccp2_assignment_method 2
wccp2_service dynamic 80
wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=250 ports=80
wccp2_service dynamic 90
wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source
priority=250 ports=80
######################################################
cache_effective_user squid
cache_effective_group squid
#######################################################
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
#####################################################
dns_nameservers xxxxx
#######################################################
http_access deny all
##############################
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
####################################################
#####################################
####Slow after sometime tshooting############
memory_pools off
pconn_timeout 2 minutes
persistent_request_timeout 1 minute
read_ahead_gap 128 KB
###############################################
#####rotating logs#####
logfile_rotate 0
###########################################################################
max_filedescriptors 131072
###########
wish to help
regards
Dr.x
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
