[squid-users] SMP vs Single Process Performance

From: Sokvantha YOUK <sokvantha_at_gmail.com>
Date: Mon, 18 Mar 2013 15:46:46 +0700

Dear All,

I am going to build squid to supports 1 Gbps traffic on Centos 6 x64
bits. I have done some studying on getting squid to support this high
load traffic but I still not clear on some points below

1. Should I use SMP feature with 6 workers support and AUFS file system?
2. Or single squid process provide better performance and reliable against SMP?

Please find following configuration on my squid server, kindly advice
me on idea for cache_dir per squid process, is it good to choose this
idea . Beside, with this configuration, I am having issues when
opening http://microsoft.com, sometimes it gives me error message
"Your current User-Agent string appears to be from an automated
process, if this is incorrect, please click this link:United States
English Microsoft Homepage"

My squid compiled option:
/usr/local/squid/sbin/squid -v
Squid Cache: Version 3.3.3
configure options: '--sysconfdir=/etc/squid'
'--enable-follow-x-forwarded-for' '--enable-snmp'
'--enable-linux-netfilter' '--enable-http-violations'
'--enable-delay-pools' '--enable-storeio=diskd,aufs,ufs'
'--with-large-files' '--enable-removal-policies=lru,heap'
'--enable-ltdl-convenience' '--with-logdir=/var/log/squid'
'--enable-wccpv2' '--with-default-user=squid'
'--enable-log-daemon-helpers' '--enable-build-info'
'--enable-url-rewrite-helpers'

My Squid.conf

#######################################################
# Server Characteristics
#######################################################
## We don't use this port in this fully transparent mode
http_port 3128
http_port 3129 tproxy disable-pmtu-discovery=always
#icp_port 3130
cache_mgr cache_at_example.com
visible_hostname cache2.example.com
#--Leave coredumps in the first cache dir
coredump_dir /usr/local/squid/var/cache
cache_effective_user squid
cache_effective_group squid

#######################################################
## Performance related config
#######################################################
max_filedescriptors 65536
max_open_disk_fds 65536
dns_v4_first on
negative_ttl 3 minutes
positive_dns_ttl 15 hours
negative_dns_ttl 30 seconds

## Setting the size of DNS cache
ipcache_size 15000
ipcache_low 95
ipcache_high 97
fqdncache_size 10000
cache_mem 2000 MB
memory_pools on
## Cache Object Size limits
minimum_object_size 0 KB
maximum_object_size 700 MB
maximum_object_size_in_memory 1024 KB

#--Cache Replacement Policies
memory_replacement_policy lru
cache_replacement_policy heap LFUDA

#--Setting Limits on object replacement
cache_swap_low 96
cache_swap_high 97

## Spoofing enable
via off
forwarded_for delete
follow_x_forwarded_for deny all
## Remove X-Cache replied from Server
reply_header_access X-Cache deny all

##############################################################
## Squid Logging
##############################################################
## let access_log_daemon handle IO
access_log none
cache_log /var/log/squid/cache.log
cache_store_log none
logfile_rotate 30

##############################################################
## Refresh pattern
##############################################################

## Microsoft
refresh_pattern -i
microsoft.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80%
43200 reload-into-ims
refresh_pattern -i
windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80%
43200 reload-into-ims
refresh_pattern -i
my.windowsupdate.website.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip)
4320 80% 43200 reload-into-ims

##images facebook
refresh_pattern ((facebook.com)|(173.252.110.27)).*\.(jpg|png|gif)
 10800 80% 10800 ignore-reload override-expire ignore-no-store
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3)
  10800 80% 10800 ignore-reload override-expire ignore-no-store
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png)
  10800 80% 10800 ignore-reload override-expire ignore-no-store
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)
10800 80% 10800 ignore-reload override-expire ignore-no-store

## ANTI VIRUS
refresh_pattern guru.avg.com/.*\.(bin) 10800 80%
10800 ignore-no-store ignore-reload reload-into-ims
refresh_pattern (avgate|avira).*(idx|gz)$
10800 80% 10800 ignore-no-store ignore-reload reload-into-ims
refresh_pattern kaspersky.*\.avc$
10800 80% 10800 ignore-no-store ignore-reload reload-into-ims
refresh_pattern kaspersky
10800 80% 10800 ignore-no-store ignore-reload reload-into-ims
refresh_pattern update.nai.com/.*\.(gem|zip|mcs)
10800 80% 10800 ignore-no-store ignore-reload reload-into-ims
refresh_pattern ^http:\/\/liveupdate.symantecliveupdate.com.*\(zip)
 10800 80% 10800 ignore-no-store ignore-reload reload-into-ims

##Musics
refresh_pattern -i
\.(mp2|mp3|mid|midi|mp[234]|wav|ram|ra|rm|au|3gp|m4r|m4a)(\?.*|$)
10080 90% 43200 override-expire ignore-reload reload-into-ims
ignore-private
## Videos
refresh_pattern -i
\.(mpg|mpeg|mp4|m4v|mov|avi|asf|wmv|wma|dat|flv|swf)(\?.*|$) 10080
90% 43200 override-expire ignore-reload reload-into-ims
ignore-private
## Pictures
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)(\?.*|$) 3600 90% 43200
override-expire ignore-no-store ignore-private
## Musics
refresh_pattern -i \.(mp[34g]|swf|wav)$ 43200 90% 432000

##--Enable SMP -- Multiple cpus -- (enable)
workers 3
cpu_affinity_map process_numbers=1,2,3,4 cores=1,3,5,7
if ${process_number}=1
cache_dir aufs /cache1/squid/${process_number} 170000 16 256
cache_dir aufs /cache2/squid/${process_number} 170000 16 256
cache_dir aufs /cache3/squid/${process_number} 170000 16 256
endif

if ${process_number}=2
cache_dir aufs /cache4/squid/${process_number} 170000 16 256
cache_dir aufs /cache5/squid/${process_number} 170000 16 256
endif

if ${process_number}=3
cache_dir aufs /cache6/squid/${process_number} 170000 16 256
cache_dir aufs /cache7/squid/${process_number} 170000 16 256
cache_dir aufs /cache8/squid/${process_number} 170000 16 256
endif

## Custom Error
err_page_stylesheet /etc/squid/errorpage.css

--
Regards,
Vantha
Tell: (855) 89896589
email: sokvantha_at_gmail.com
Received on Mon Mar 18 2013 - 08:46:53 MDT

This archive was generated by hypermail 2.2.0 : Tue Mar 19 2013 - 12:00:06 MDT