Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid negative speed increase

    Scheduled Pinned Locked Moved Cache/Proxy
    3 Posts 2 Posters 840 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lamle
      last edited by

      I have a squid box running as intercept mode for internet access.
      The problem is the HIT percent quite low and Speed increase is negative.
      Here is the statistic:

      Graph Domain: 24 hours (86400 seconds)
      Total Accesses: 1288357
      Average Accesses: 53681.54 per hour
      Total Cache Hits: 181614
      Average Cache Hits: 7567.25 per hour
      % Cache Hits: 14.09 %
      Total Cache IMS Hits: 27451
      Average Cache IMS Hits: 1143.79 per hour
      Total Cache Misses: 1043577
      Average Cache Misses: 43482.37 per hour
      % Cache Misses: 81 %

      Calamaris statistics Summary

      Report period: 22.Jul 18 03:06:09 - 28.Jul 18 00:10:38

      lines parsed: lines 7733940
      invalid lines: lines 8487
      parse time: sec 697
      parse speed: lines/sec 11108

      Proxy statistics

      Total amount: requests 7733940
      unique hosts/users: hosts 4990
      Total Bandwidth: Byte 693G
      Proxy efficiency (HIT [kB/sec] / DIRECT [kB/sec]): factor 0.65
      Average speed increase: % -2.72
      TCP response time of 95.54%% requests (requests > 2000 msec skipped): msec 193

      Cache statistics

      Total amount cached: requests 1023714
      Request hit rate: % 13.24
      Bandwidth savings: Byte 36322M
      Bandwidth savings in Percent (Byte hit rate): % 5.12
      Average cached object size: Byte 37204
      Average direct object size: Byte 105183
      Average object size: Byte 96185

      Top
      Tasks: 146 total, 1 running, 145 sleeping, 0 stopped, 0 zombie
      Cpu(s): 0.5%us, 0.1%sy, 0.0%ni, 98.7%id, 0.3%wa, 0.0%hi, 0.4%si, 0.0%st
      Mem: 20481692k total, 18421712k used, 2059980k free, 1470836k buffers
      Swap: 37502968k total, 10764k used, 37492204k free, 11425116k cached

      Squid configuration
      cache_mem 18024 MB
      acl manager proto cache_object
      acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
      acl localnet src 192.168.200.0/24 # RFC1918 possible internal network
      acl localnet src 172.17.0.0/16 # RFC1918 possible internal network
      acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
      acl localnet src fc00::/7 # RFC 4193 local private network range
      acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
      acl SSL_ports port 443
      acl Safe_ports port 80 # http
      acl Safe_ports port 21 # ftp
      acl Safe_ports port 443 # https
      acl Safe_ports port 70 # gopher
      acl Safe_ports port 210 # wais
      acl Safe_ports port 1025-65535 # unregistered ports
      acl Safe_ports port 280 # http-mgmt
      acl Safe_ports port 488 # gss-http
      acl Safe_ports port 591 # filemaker
      acl Safe_ports port 777 # multiling http
      acl CONNECT method CONNECT
      cachemgr_passwd s3cr3tP4sS all
      http_access allow manager localhost
      http_access deny !Safe_ports
      http_access deny CONNECT !SSL_ports
      http_access allow localnet
      http_access allow localhost
      http_access deny manager
      http_access deny all
      http_port 3128 transparent
      positive_dns_ttl 8 hours
      negative_dns_ttl 30 seconds
      coredump_dir /var/spool/squid
      refresh_pattern ^ftp: 1440 20% 10080
      refresh_pattern ^gopher: 1440 0% 1440
      refresh_pattern -i (/cgi-bin/|?) 0 0% 0
      refresh_pattern . 0 20% 4320
      cache_log /var/log/squid/cache.log
      access_log /var/log/squid/access.log
      client_lifetime 24 hours
      connect_timeout 1 minutes
      forward_timeout 4 minutes
      pconn_timeout 1 minutes
      persistent_request_timeout 2 minutes
      read_timeout 15 minutes
      request_timeout 5 minutes
      shutdown_lifetime 30 seconds
      half_closed_clients on
      check_hostnames on
      allow_underscore on
      dns_retransmit_interval 5 seconds
      dns_timeout 5 seconds
      dns_defnames off
      dns_nameservers none
      hosts_file /etc/hosts
      ipcache_size 10000
      ipcache_low 90
      ipcache_high 95
      fqdncache_size 1024
      cache_replacement_policy lru
      memory_replacement_policy lru
      maximum_object_size 4 MB
      maximum_object_size_in_memory 512 KB # 8KB for high load
      cache_dir aufs /media/nvme 200000 601 256

      Is there any solution to improve the SQUID ?

      1 Reply Last reply Reply Quote 0
      • perikoP
        periko
        last edited by

        How many users are crossing the proxy?
        Did u use auth?
        Did u check cache.log? any error message?
        Your dns is working properly?

        Necesitan Soporte de Pfsense en México?/Need Pfsense Support in Mexico?
        www.bajaopensolutions.com
        https://www.facebook.com/BajaOpenSolutions
        Quieres aprender PfSense, visita mi canal de youtube:
        https://www.youtube.com/c/PedroMorenoBOS

        1 Reply Last reply Reply Quote 0
        • L
          lamle
          last edited by

          @periko said in Squid negative speed increase:

          ng the proxy?
          Did u use auth?

          This squid server serve about 1200 to 1500 Users.
          I don't use auth, no error found, dns google work normal.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.