Adrian Chadd napisał(a):
> On Mon, Jan 29, 2007, Robert wrote:
>
>> OK i recompiled squid with options:
>> Squid Cache: Version 2.6.STABLE9
>> configure options: '--enable-storeio=diskd,aufs'
>> '--enable-removal-policies=heap' '--disable-wccp' '--enable-arp-acl'
>> '--enable-cache-digests' '--enable-default-err-language=Polish'
>> '--enable-linux-netfilter' '--disable-ident-lookups'
>> '--disable-hostname-checks' '--enable-underscores' '--enable-async-io'
>> '--enable-kill-parent-hack'
>> Kernel is 2.6.16.18 with epoll compiled in,
>> But cpu load is still too high:
>>
> Whats your configuration file look like, minus all the comments?
> You're "only" averaging 40 requests per second which should be a breeze
> to achieve.
>
> Adrian
>
I have no any large acl's and config is:
http_port 3128 transparent
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_mem 256 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 2048 KB
fqdncache_size 4096
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_dir diskd /cache/cache1 1000 2 256 Q1=64 Q2=72
cache_dir diskd /cache/cache2 1000 2 256 Q1=64 Q2=72
cache_dir diskd /cache/cache3 1000 2 256 Q1=64 Q2=72
logformat squid %>a %tl (RT: %tr ms) (Status: %Ss/%03Hs) (Request: %rm
%ru %un %Sh %mt) (ReplySize: %<st) (%ts.%03tu)
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log none
emulate_httpd_log on
pid_filename /var/run/squid.pid
ftp_telnet_protocol off
check_hostnames off
url_rewrite_host_header on
refresh_pattern windowsupdate.com/.*\.(cab|exe) 4320 100% 43200
reload-into-ims
refresh_pattern windowsupdate.microsoft.com.*\.(cab|exe) 4320 100% 43200
reload-into-ims
refresh_pattern update.microsoft.com/.*\.(cab|exe) 4320 100% 43200
reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe) 4320 100% 43200
reload-into-ims
refresh_pattern pl.download.windowsupdate.com/.*\.(cab|exe) 4320 100%
43200 reload-into-ims
refresh_pattern -i
(.*jpg$|.*jpeg$|.*gif$|.*png$|.*zip$|.*exe$|.*mpg$|.*pdf$|.*mp3$|.*doc$|.*midi$|.*ico$|.*iso$)
0 95% 115200
refresh_pattern -i
(.*wav$|.*cab$|.*avi$|.*swf$|.*bmp$|.*gz$|.*bz2$|.*tgz$|.*tar$|.*jpe$|.*mpeg$|.*ppt$|.*tiff$)
0 95% 115200
refresh_pattern -i (.*html$|.*htm|.*shtml|.*js$|.*css$|.*swf$) 0 70% 43200
refresh_pattern (http://.*/$) 0 20% 1440
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern . 0 60% 22160
quick_abort_min 0 KB
quick_abort_max 0 KB
collapsed_forwarding off
half_closed_clients off
pconn_timeout 60 seconds
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl privates src 192.168.1.0/24
acl wireless src 192.168.8.0/22
acl lancable src 192.168.20.0/23
acl pppoe_privates src 172.16.1.0/24
acl pppoe_wireless src 172.16.8.0/22
acl pppoe_lancable src 172.16.20.0/23
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
acl transparent type transparent
http_access deny !transparent
http_access allow privates
http_access allow wireless
http_access allow lancable
http_access allow pppoe_privates
http_access allow pppoe_wireless
http_access allow pppoe_lancable
http_access deny all
http_reply_access allow all
icp_access deny all
zph_tos_local 8
acl cablelan_net src 192.168.20.0/255.255.254.0
tcp_outgoing_address 80.54.64.253 cablelan_net
acl privates_net src 172.16.1.0/255.255.255.0
tcp_outgoing_address 80.54.65.252 privates_net
acl pppoe_wireless_net src 172.16.8.0/255.255.252.0
tcp_outgoing_address 80.54.63.253 pppoe_wireless_net
acl pppoe_cablelan_net src 172.16.20.0/255.255.254.0
tcp_outgoing_address 80.54.64.253 pppoe_cablelan_net
acl pppoe_privates_net src 172.16.1.0/255.255.255.0
tcp_outgoing_address 80.54.65.252 pppoe_privates_net
cache_effective_user squid
cache_effective_group squid
httpd_accel_no_pmtu_disc on
memory_pools off
buffered_logs off
coredump_dir /cache/cache1
client_persistent_connections off
server_persistent_connections off
detect_broken_pconn on
store_dir_select_algorithm least-load round-robin
Regards
Robert
Received on Tue Jan 30 2007 - 02:42:43 MST
This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST