Squid negative speed increase



  • I have a squid box running as intercept mode for internet access.
    The problem is the HIT percent quite low and Speed increase is negative.
    Here is the statistic:

    Graph Domain: 24 hours (86400 seconds)
    Total Accesses: 1288357
    Average Accesses: 53681.54 per hour
    Total Cache Hits: 181614
    Average Cache Hits: 7567.25 per hour
    % Cache Hits: 14.09 %
    Total Cache IMS Hits: 27451
    Average Cache IMS Hits: 1143.79 per hour
    Total Cache Misses: 1043577
    Average Cache Misses: 43482.37 per hour
    % Cache Misses: 81 %

    Calamaris statistics Summary

    Report period: 22.Jul 18 03:06:09 - 28.Jul 18 00:10:38

    lines parsed: lines 7733940
    invalid lines: lines 8487
    parse time: sec 697
    parse speed: lines/sec 11108

    Proxy statistics

    Total amount: requests 7733940
    unique hosts/users: hosts 4990
    Total Bandwidth: Byte 693G
    Proxy efficiency (HIT [kB/sec] / DIRECT [kB/sec]): factor 0.65
    Average speed increase: % -2.72
    TCP response time of 95.54%% requests (requests > 2000 msec skipped): msec 193

    Cache statistics

    Total amount cached: requests 1023714
    Request hit rate: % 13.24
    Bandwidth savings: Byte 36322M
    Bandwidth savings in Percent (Byte hit rate): % 5.12
    Average cached object size: Byte 37204
    Average direct object size: Byte 105183
    Average object size: Byte 96185

    Top
    Tasks: 146 total, 1 running, 145 sleeping, 0 stopped, 0 zombie
    Cpu(s): 0.5%us, 0.1%sy, 0.0%ni, 98.7%id, 0.3%wa, 0.0%hi, 0.4%si, 0.0%st
    Mem: 20481692k total, 18421712k used, 2059980k free, 1470836k buffers
    Swap: 37502968k total, 10764k used, 37492204k free, 11425116k cached

    Squid configuration
    cache_mem 18024 MB
    acl manager proto cache_object
    acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
    acl localnet src 192.168.200.0/24 # RFC1918 possible internal network
    acl localnet src 172.17.0.0/16 # RFC1918 possible internal network
    acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
    acl localnet src fc00::/7 # RFC 4193 local private network range
    acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
    acl SSL_ports port 443
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    cachemgr_passwd s3cr3tP4sS all
    http_access allow manager localhost
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localnet
    http_access allow localhost
    http_access deny manager
    http_access deny all
    http_port 3128 transparent
    positive_dns_ttl 8 hours
    negative_dns_ttl 30 seconds
    coredump_dir /var/spool/squid
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern -i (/cgi-bin/|?) 0 0% 0
    refresh_pattern . 0 20% 4320
    cache_log /var/log/squid/cache.log
    access_log /var/log/squid/access.log
    client_lifetime 24 hours
    connect_timeout 1 minutes
    forward_timeout 4 minutes
    pconn_timeout 1 minutes
    persistent_request_timeout 2 minutes
    read_timeout 15 minutes
    request_timeout 5 minutes
    shutdown_lifetime 30 seconds
    half_closed_clients on
    check_hostnames on
    allow_underscore on
    dns_retransmit_interval 5 seconds
    dns_timeout 5 seconds
    dns_defnames off
    dns_nameservers none
    hosts_file /etc/hosts
    ipcache_size 10000
    ipcache_low 90
    ipcache_high 95
    fqdncache_size 1024
    cache_replacement_policy lru
    memory_replacement_policy lru
    maximum_object_size 4 MB
    maximum_object_size_in_memory 512 KB # 8KB for high load
    cache_dir aufs /media/nvme 200000 601 256

    Is there any solution to improve the SQUID ?



  • How many users are crossing the proxy?
    Did u use auth?
    Did u check cache.log? any error message?
    Your dns is working properly?


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy