||18th April 2008 08:25
Squid: too slow for some websites
We have two squid servers (2.5.STABLE12), first on RHEL 4 and other on FreeBSD 6.1. Users are connected to Squid Servers, and Squid Servers are connected to Gateway.
My problem is that our own website.. say mysite.com is opening very slow, every user is complaining.
If we bypass squid, then its very fine. We also needs to block caching of our website. No page/images should be cached of our website at all because its a dynamic site and we need to view latest contents quickly after uploads.
Both squid have identical squid.conf (apart from directory paths) and the strange thing is we are unable to open some websites(or extremely slow) like howtoforge.com, mysite.com using when connecting with RHEL but things improves with FreeBSD. There's are 100 users connected with RHEL and around 75 with FreeBSD. Some users are using Linux while others are on Windows but facing the same problem.
Here is my squid.conf (from bsd squid), I request you to please have a look and advice:
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 512 MB
cache_dir ufs /usr/local/squid/cache 15360 16 256
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl CONNECT method CONNECT
acl ournet src 192.168.0.0/255.255.0.0
acl except src 192.168.50.199/255.255.255.255
acl vpn src 10.0.0.0/255.0.0.0
acl block_url url_regex "/etc/sites.txt"
acl nocachedomains dstdomain .mysite.com
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow except
http_access deny ournet block_url
http_access allow ournet
http_access allow vpn
http_access deny all
always_direct allow nocachedomains
no_cache deny nocachedomains
http_reply_access allow all
icp_access allow all
||20th April 2008 00:17
Any errors in your logs? did you disable SELinux on RedHat?
|All times are GMT +2. The time now is 22:30.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.