LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices



Reply
 
Search this Thread
Old 10-17-2004, 09:09 AM   #1
wennie
LQ Newbie
 
Registered: Oct 2004
Posts: 21

Rep: Reputation: 15
Please help me on my squid 2.5 setup


Hello all,

Im having a problem with my squid setup, I have a server HP DL 380 3.06 Gig processor with 1 Gig memory and 3x64.6 scsi ultra 320 configure as raid 5. Im running named, Iptables and squid 2.5 stable on a Fedora Core 1.

My problem is that when there are few subscribers say 5 to 10 the squid seem to run smooth and fast but when i reach around 40 subscibers then it seems its very slow. below are the configuration i change in squid the rest are default:

http_port 3128
icp_port 3130
cache_mem 450 MB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid 35000 256 512
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
debug_options ALL,1
ftp_user Squid
acl ipaddr src 212.119.85.0/255.255.255.0
http_access allow ipaddr
cache_peer proxy.cyberia.net.sa parent 8080 3130 no-query
cache_peer 212.119.85.85 sibling 3128 3130
never_direct allow ipaddr
always_direct deny ipaddr


my second question, is download speed from squid to a subscriber is affected by the type of the program it access, example, php, jsp, html etc.

thank you very much and im hoping that you can help me on fine tuning my squid server.

wennie
 
Old 10-22-2004, 02:11 PM   #2
Pcghost
Senior Member
 
Registered: Feb 2003
Location: The Real Washington
Distribution: Ubuntu, Debian, SuSE, UnSlung, Android
Posts: 1,819

Rep: Reputation: 46
What does ps -A or top tell you about the resource usage on the machine? Is there a huge rise in usage when the users connect?
 
Old 11-01-2004, 01:39 AM   #3
wennie
LQ Newbie
 
Registered: Oct 2004
Posts: 21

Original Poster
Rep: Reputation: 15
There is no other services that uses my squid, the machine is 1 GIG in memory and i alot 450 for the cache.

I actually have an idea so solve it but i just want to double check it with you if my idea is correct.

My proxy/cache server is situated with all the workstation meaning they share the bandwith, so if the workstation already consume the bandwidth therefore my cache cannot connect to the internet, thats probably causes its slowness. My idea is to put 2 NIC card eth0 is pointing to the internet and eth1 is pointing to the internal network, iptables is also activated and the bandwidth of the proxy/cache server is dedidated, while the workstation has there own bandwitdh so that even the workstation consume there bandwidth my proxy/cache server can still connect to the internet.

Is this solution is possible? or maybe you have other solution.
 
Old 11-01-2004, 01:25 PM   #4
Pcghost
Senior Member
 
Registered: Feb 2003
Location: The Real Washington
Distribution: Ubuntu, Debian, SuSE, UnSlung, Android
Posts: 1,819

Rep: Reputation: 46
It definitely makes no sense to have the proxy and the clients both have direct access to the Internet. That ruins the cool barrier the proxy server serves as between the bad guys and your client machines. That is likely why your connection from the proxy to the web is so slow, the bandwidth is being eaten by the clients. Make the clients use the proxy to get out and you should see a big difference in performance, and a vast improvement in security as well.

Your idea is more than possible, it is the ideal set-up for a proxy server. :-)
 
Old 11-01-2004, 10:02 PM   #5
wennie
LQ Newbie
 
Registered: Oct 2004
Posts: 21

Original Poster
Rep: Reputation: 15
Thank you very much. I'll implement it...
 
Old 11-01-2004, 11:50 PM   #6
Pcghost
Senior Member
 
Registered: Feb 2003
Location: The Real Washington
Distribution: Ubuntu, Debian, SuSE, UnSlung, Android
Posts: 1,819

Rep: Reputation: 46
Good luck and post if you get stuck. Keep in mind 2 things.

The first is that it takes a little time for a proxy to build up a good cache, depending on the amount of traffic and the caching rules in the conf file.

The second is that browsing the web from the squid machine while clients are pounding the crap out of it will most likely be affected by their use. I tried to run YoU on our proxy last week without cutting off our 147 users and it timed out downloading the patches, all on a T-1 line. I normally disable the proxy while using the Internet for updating/downloading. It really depends on the total number and surfing habits of your users..
 
Old 11-02-2004, 01:06 AM   #7
wennie
LQ Newbie
 
Registered: Oct 2004
Posts: 21

Original Poster
Rep: Reputation: 15
I already migrated to the new network setup for my server which runs firewall proxy and cache (eth0 is directly connected to the router going to the internet
and eth1 is connected to the switch going to the client) I have some question,

1 If my cache server is running for 1 week and my connection to the internet fails, can it offer at least the cache web pages to thew clients. (im testing it i cache a page let say yahoo.com and nba.com then i swich off the router, im expecting that when i browse the net looking for nba or yahoo my cache server will provide me with the cache page, but i cant get the cache page it seems that the cache is not working. how can i check if proxy and cache is working well except for using the netstat and tail command?

2. Can you please give me en example of rate limiting in squid, say for example i want to rate limit per client say for example client 1 has 10 kbits/sec commited internet rate and from that 10 kbs 7 kbps is for http, ftp,tftp and the remaining 3kbps is for chat, irc messenger. is there a way i can do it in the squid server with out buying an an expensive bandwidth manager machine?

3. can you give me an example of perfect caching rule?

thank you very much for your support

wennie
 
Old 11-03-2004, 01:08 AM   #8
wennie
LQ Newbie
 
Registered: Oct 2004
Posts: 21

Original Poster
Rep: Reputation: 15
Pcghost,

I have a follow up question, my company is connected to an ISP and all our IP's are passing thru our ISP's proxy server (the only information i know about there proxy is the proxy name ip address and port) now I set up our own proxy/cache server and configure it with a parent and sibling cache: (cache_peer proxy.cyberia.net.sa parent 8080 3130 no-query; cache_peer 212.119.85.1 sibling 3128 )3130)ISP cache as parent and my cache as sibling.

my questions are:

1. Am i doing the right setup?
2. di i need to inform my isp to to define me as a sibling cache?
3. what other important parameter do i need to configure my squid to work smoothly with parent and sibling setup?

thank you very much,

wennie
 
Old 11-04-2004, 12:17 PM   #9
Pcghost
Senior Member
 
Registered: Feb 2003
Location: The Real Washington
Distribution: Ubuntu, Debian, SuSE, UnSlung, Android
Posts: 1,819

Rep: Reputation: 46
All Squid should need is the address and port number of the parent proxy. I would not think you would need to inform you ISP that you are using a child proxy because the end result is the same as if you were connecting with a browser. Instead of browser-requests-page it is simply browser-requests-from-squis-->squid-requests-from-ISPproxy--->Squid-sends-result-to-browser if that makes any sense.

Your setup should serve you well from the sound of your needs.

Perfect caching rules really depend on a number of factors, including the number of clients, their surfing habits, and the type of Internet connection you have.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid firewall setup cortj Linux - Networking 9 10-11-2006 05:05 AM
Basic Squid setup help GraemeK Linux - Networking 3 06-10-2005 01:15 PM
Squid setup for ISP how-to? crocks21 Linux - Networking 1 05-25-2005 12:19 AM
Setup Squid question... hct224 Linux - Newbie 0 05-02-2004 11:09 AM
Setup squid behind another proxy Salihou Linux - Networking 0 01-06-2004 09:45 AM


All times are GMT -5. The time now is 01:15 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration