Squid slowness issues - also a bounty post
-
Hi!
I am having the same squid slow transfer problems on my institution.
I have a dual-wan system: one 25 MBps cable connection on WAN for internet access and one institutional adsl 1MBps on WAN OPT3 (also has internet access using another gateway).
The OPT3 is connected to a 1GBps switch and has a public IP (we have 32 public ips for mail, webpage, etc… and a cisco router).
If I download a huge file from our servers (connected on the WAN OPT3 interface) I can easily get 11000 MBytes/sec from our internal lan's, passing through squid.
Nevertheless, accessing the internet (through the cable connection on WAN) I can get maximum 50Kbytes/sec using squid and 2000KBytes/sec using only NAT and proxy off.
Why using the same squid traffic is slow in one interface and normal on another?Strangely if I discard the cable connection, deactivate WAN OPT3, and connect the 1MBps connection on WAN interface, I can get the full speed of it, downloading at about 200Kbytes/sec from the internet.
Can it be the different modems? On the cable I have a regular Motorola modem, and on the institucional I have a much higher quality adsl modem.
Can it be the NIC? When using cable we connect it to pfsense using a 100MBps 3Com card (xl driver) and the 1Mbps is on one VLAN that enters in pfsense throug a Intel PRO1000 (em driver) together with our internal networks...Can anyone shed some light on this problem? I am liking a lot pfsense, but I cannot have squid turned on because of such slow transfers!
Yours,
Antonio Paulino -
Your choice of NICs will pretty certainly be at the core - Intel NICs are much better than the 3Com ones. I suspect if you switch it for another Intel you'll find a big improvement.
-
Hi!
Thank you for your sugestion.
I exchanged the 3Com NIC for a Intel Pro100 (fxp driver) but the problem stays…Since it is the first time I use pfsense, does anyone knows when the problem first appeared? I don't need many fancy features of pfsense, so probably a old version will just suit me. I just need a simple multi wan routing/NAT/proxy box.
António Paulino
-
The problem appeared sometime after 1.2rc3.
There was a link in another post to older versions. I just checked it and it has been updated and now only includes 1.2 final. If anyone knows where some old 1.2 RCs are located, that would be great. I have a live cd iso for 1.2rc2, but I would hope that the community will respond to the bounty to fix the problem before we're stuck at rc3.
Have you tried using only two interfaces (only LAN/WAN, disable/remove all opt interfaces) and see if your problem still exists?
-
Hi!
I found the old version (including 1.0.1) in one of the mirrors, named loquefaltaba.
There is one directory "old" which old versions, full iso and upgrade packages.I haven't done it, but I will try, perhaps today, and then let you know.
António Paulino
-
Please can you guys provide the output of kldstat command or by any chance those that have issues are using spamd package?
-
From my working (fast) 1.2rc3 box:
Id Refs Address Size Name 1 3 0xc0400000 6df4ac kernel 2 1 0xc0ae0000 59e80 acpi.koFrom my working (very slow) 1.2-Release box:
Id Refs Address Size Name 1 4 0xc0400000 7fb834 kernel 2 1 0xc0bfc000 59e80 acpi.ko 3 1 0xc6f56000 d000 ipfw.koWhat do these outputs mean?
-
ipfw.ko is ipfw which is enabled for schedules and or captive portal.
-
Hi I have five computers with pfsense, all with squid and works very well, never get this problem on any machine, don´t use intel or 3com cards, all cards are realtek 8139, ps - only one point I have a link (1 Mb), all others using pppoe connections. ??? ???
-
Hi!
Finally today I tested an older version of pfsense to diagnose the problem with squid, namely 1.2-RC2.
I used a machine where 1.2-RELEASE and squid 2.6.18 is slow (tested it).
First with only a 25Mbps connection (in WAN) and LAN connection downloading through squid is blazing fast (the same speed without squid).
Next I downloaded the config.xml from the production machine (1.2-RELEASE), changed the interface IP's (to keep the two machines working at the same time) and uploaded to the 1.2-RC2 version. This includes two-WAN configuration and the three internal networks. The speed stayed fast.
This means the problem is with 1.2-RC4 and later distribution, because now the configuration is the same in both machines: the 1.2-Rc2 is downloading fast and 1.2-RELEASE is downloading slow!Any suggestions?
Paulino -
Thanks for the additional testing…it's appreciated.
@ Sullrich
Did the FreeBSD 6.3p?? change from rc3 to rc4 and beyond? I'm not familiar with what theses various releases mean or how much changes from version to version. Have there been any other symptoms that appeared with no changes in the pfsense code from rc3 to rc4? Still just trying to root out the cause of this one. Thanks for your continued input on this and amazing contributions with pfsense.
-
Thanks for the additional testing…it's appreciated.
@ Sullrich
Did the FreeBSD 6.3p?? change from rc3 to rc4 and beyond? I'm not familiar with what theses various releases mean or how much changes from version to version. Have there been any other symptoms that appeared with no changes in the pfsense code from rc3 to rc4? Still just trying to root out the cause of this one. Thanks for your continued input on this and amazing contributions with pfsense.
Not that I can recall.
-
I can confirm. Fresh install of 1.2. Nothing but squid running, latest package as of last night.
With transparent enabled, on our dual-bonded T1 here, I get 600-1100Kbit.
Disabled, I get ~ the full 3Mbit.Architecture is PentiumD with SMP kernel, 1GB RAM, 2GB Swap.
I monitored CPU usage with top. No difference. 99% idle either way.
-
Had the same issue:
Changed the following in /usr/local/pkg/squid.inc and it seems to have increased the speed significantly:
Original line: cache_dir disk_d $cachedir $disk_cache_size $level1 256
New line: cache_dir aufs $cachedir $disk_cache_size $level1 256basically changing from disk_d to aufs
save the file
restart squid. -
Good find, package updated!!
-
thanks everyone, am going to change as said and see if there is any improvement.
-
One warning, upgrading Squid kills it (or at least it did for me) - you have to blow away the old cache directories (in /usr/local/squid/cache) first.
-
@Cry:
One warning, upgrading Squid kills it (or at least it did for me) - you have to blow away the old cache directories (in /usr/local/squid/cache) first.
Hi, how to blow away the old cache /usr/local/squid/cache ?
I'm sorry i just installed pfsense+squid today. even the aufs changed, i still get same problem.
-
SSH in or go to the shell. Option 8 brings you to the command line. Then use the rm command to delete the files in that folder.
-
i have download the latest squid from pakages, its looks like cache_dir aufs $cachedir $disk_cache_size $level1 256 already changed by sullrich.
i have clear cache directories. but it is same like before. download still in a low rate.
i will try 1.2-RC2. thanks.
