[FUG-BR] Ajuda com squid
Fabiano Carlos Heringer
bigu em grupoheringer.com.br
Sábado Outubro 16 09:14:04 BRT 2010
Pessoal, estou tendo problemas serissimos no meu Freebsd quando starto
o squid.
A navegacao fica extremamente lenta, e os pings para o gateway onde esta
o squid, ficam oscilando..chega a 300ms, até perder pacotes.
A maquina é um Core2Duo 2GB de RAM, HD 500GB SATA, O freebsd é
gateway# uname -a
FreeBSD gateway.xxxx 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Fri Oct 15
08:58:33 BRT 2010 root em gateway.xxxx:/usr/obj/usr/src/sys/HERINGER i386
Ja tentei varios tipos de configuracoes no squid, mas nada resolve...ja
troquei até de maquina, placa de rede, reinstalei freebsd. Ja removi o
squidguard, troquei tipo de filesystem, restartei o cache, instalei o
squid 3.x, mudei os parametros de cache_replacement (voltei para o
original) e nada...
meu squid.conf:
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
error_directory /usr/local/etc/squid/errors/Portuguese
#logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st
"%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
logformat combined %>a %mt
logfile_rotate 4
visible_hostname gateway.grupoheringer.com.br
request_body_max_size 2 MB
url_rewrite_program /usr/local/bin/squidGuard -c
/usr/local/etc/squid/squidGuard.conf
url_rewrite_children 15
url_rewrite_host_header off
dns_nameservers 10.0.0.2
dns_nameservers 10.0.0.3
dns_nameservers 10.0.0.4
ipcache_size 1024
ipcache_low 90
ipcache_high 95
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_mem 1024 MB
maximum_object_size 100000 KB
minimum_object_size 4 KB
maximum_object_size_in_memory 128 KB
cache_dir aufs /usr/local/squid/cache 10000 32 256
#cache_dir diskd /squid/cache 10000 32 512 Q1=72 Q2=64
half_closed_clients off
server_persistent_connections off
client_persistent_connections off
memory_pools off
buffered_logs on
pipeline_prefetch on
### O restante sao so regras de bloqueio
gateway# netstat -m
407/1393/1800 mbufs in use (current/cache/total)
402/1164/1566/25600 mbuf clusters in use (current/cache/total/max)
401/1007 mbuf+clusters out of packet secondary zone in use (current/cache)
3/101/104/12800 4k (page size) jumbo clusters in use
(current/cache/total/max)
0/0/0/6400 9k jumbo clusters in use (current/cache/total/max)
0/0/0/3200 16k jumbo clusters in use (current/cache/total/max)
917K/3080K/3998K bytes allocated to network (current/cache/total)
0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters)
0/0/0 requests for jumbo clusters denied (4k/9k/16k)
0/5/6656 sfbufs in use (current/peak/max)
0 requests for sfbufs denied
0 requests for sfbufs delayed
0 requests for I/O initiated by sendfile
0 calls to protocol drain routines
Quando redirecionado para o squid via PF, olhem como ficam os pings para
uma rede dentro da rede local.
Ao desabilitar o squid, tudo volta ao normal.
64 bytes from 10.0.0.2: icmp_seq=114 ttl=128 time=0.359 ms
64 bytes from 10.0.0.2: icmp_seq=115 ttl=128 time=0.354 ms
64 bytes from 10.0.0.2: icmp_seq=116 ttl=128 time=0.402 ms
64 bytes from 10.0.0.2: icmp_seq=117 ttl=128 time=0.465 ms
64 bytes from 10.0.0.2: icmp_seq=118 ttl=128 time=104.028 ms
ping: sendto: No buffer space available
64 bytes from 10.0.0.2: icmp_seq=120 ttl=128 time=4.181 ms
ping: sendto: No buffer space available
64 bytes from 10.0.0.2: icmp_seq=122 ttl=128 time=0.330 ms
64 bytes from 10.0.0.2: icmp_seq=123 ttl=128 time=157.064 ms
64 bytes from 10.0.0.2: icmp_seq=124 ttl=128 time=108.539 ms
64 bytes from 10.0.0.2: icmp_seq=125 ttl=128 time=61.842 ms
64 bytes from 10.0.0.2: icmp_seq=126 ttl=128 time=91.489 ms
64 bytes from 10.0.0.2: icmp_seq=127 ttl=128 time=0.351 ms
64 bytes from 10.0.0.2: icmp_seq=128 ttl=128 time=77.771 ms
64 bytes from 10.0.0.2: icmp_seq=129 ttl=128 time=0.395 ms
64 bytes from 10.0.0.2: icmp_seq=130 ttl=128 time=4.056 ms
Alguma ideia?
Obrigado
Mais detalhes sobre a lista de discussão freebsd