SQUID in non transparent mode has catastrophic performance drop
-
Using 2.1.5-RELEASE with squid3-dev / 3.3.10 pkg 2.2.8
I've been using SQUID in transparent mode for a while (several weeks) and it works perfect.
I want to implement authentication so I need to run it in non transparent mode.
Before messing around with authentication I just wanted to see if it would run smoothly in non transparent mode.
Here's what I did :
-
Services > Proxy Server
I uncheck the Transparent HTTP proxy checkbox. -
Firewall > Rules > LAN
I block HTTP port (80) for TCP -
To make auto-configuration I followed this:
https://doc.pfsense.org/index.php/WPAD_Autoconfigure_for_Squid
After creating the files I added additional DHCP options like so:
http://cl.ly/image/430u022O3N3TI also added a DNS host override like so:
http://cl.ly/image/3k382b461r3NTested, everything worked fine!
WPAD would work exact for Firefox.
And I would see that everything goes through the proxy from pfSense, in the Real Time tab of the Proxy server page.
But as a few more users started using it, it became REALLY slow.
And i mean EXTREMELY slow.
So I had to disable everything!
I don't understand why because it's the same proxy, just now it's not in transparent mode, so what would this affect performance !
Just unblocking port 80 and re-enabling transparent mode made everything as fast as usual.
I'm stuck at this point so any help would be greatly appreciated!
-
-
No one ?
:'(
-
Go to SSH shell and run
squidclient -p 3128 mgr:info
Look at the Median Service Times. Look for something that stands out, like a DNS lookup times in the 1-10+ second range.
