LinuxQuestions.org - Squid 2.6 Stable 12 caching very slowly

1.) What are the specs of your server? CPU? How much RAM? Size/speed of hard drive?

Fedora Core 6
2 Ghz Cpu
2 Gig PC-3200 ram
30 gig 7200 rpm drive that i was too lazy to partition into seperate chunks

2.) Is this a dedicated squid box? Is this box providing other services (Samba, DNS, Sendmail?)

This box is my guinea pig box. i try new things and installs on it and try to learn linux as best i can. currently running apache, samba, squid, dans guardian, and a mud i'm tinkering with.

3.) What is your internet connection? Cable? DSL? dial-up?

Cable Modem - 8mb Down - 1 mb Up

4.) How many users do you have?

2 users, my children

5.) What version squid?

Squid 2.6.Stable12

6.) Are you using the default squid.conf or custom?

Mostly... I've incorporated some of the tricks i've found in my searching to no avail.

Quote:

/etc/squid/squid.conf

http_port 3128 transparent

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY

cache_dir ufs /var/spool/squid 1024 64 512
cache_replacement_policy heap LFUDA
maximum_object_size 32 MB
cache_mem 64 MB
maximum_object_size_in_memory 128 KB
memory_replacement_policy heap LFUDA

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

access_log /var/log/squid/access.log squid

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl our_networks src 192.168.1.0/24
acl our_networks src 192.168.2.0/24
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow our_networks

http_access allow localhost
http_access deny all

http_reply_access allow all
http_port 3128 transparent

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY

cache_dir ufs /var/spool/squid 1024 64 512
cache_replacement_policy heap LFUDA
maximum_object_size 32 MB
cache_mem 64 MB
maximum_object_size_in_memory 128 KB
memory_replacement_policy heap LFUDA

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

access_log /var/log/squid/access.log squid

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl our_networks src 192.168.1.0/24
acl our_networks src 192.168.2.0/24
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow our_networks

http_access allow localhost
http_access deny all

http_reply_access allow all

7.) Aprox how much of the squid cache is used (on the average) within a 5-day period?

I just re-initialized it so i dont know. not much.

8.) Most importantly, can you elaborate on why your users are "not sastisfied"?

the load time on web pages is excrutiatingly slow. we're talking multiple minutes for a successful load or just plain timeout.

Quote:

wget output

--20:29:16-- http://nickjr.com/
=> `index.html'
Resolving nickjr.com... 206.220.43.92
Connecting to nickjr.com|206.220.43.92|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://www.nickjr.com/ [following]
--20:29:16-- http://www.nickjr.com/
=> `index.html'
Resolving www.nickjr.com... 77.67.126.57, 77.67.126.34
Connecting to www.nickjr.com|77.67.126.57|:80... connected.
HTTP request sent, awaiting response... 504 Gateway Time-out
20:32:22 ERROR 504: Gateway Time-out.

the above is a wget output from a client computer. every step pops through very very quickly up until it does the HTTP request sent, then it hangs and waits for an eternity. not sure whats up with it.

Quote:

/var/log/squid/access.log

1181014215.679 19345 192.168.2.2 TCP_MISS/000 0 GET http://www.nickjr.com/ - DIRECT/www.nickjr.com -
1181014220.965 5153 192.168.2.2 TCP_MISS/000 0 GET http://www.nickjr.com/ - DIRECT/www.nickjr.com -
1181014276.965 53469 192.168.2.2 TCP_MISS/000 0 GET http://www.nickjr.com/ - DIRECT/www.nickjr.com -
1181014296.966 13474 192.168.2.2 TCP_MISS/000 0 GET http://www.nickjr.com/ - DIRECT/www.nickjr.com -
1181014402.968 103239 192.168.2.2 TCP_MISS/000 0 GET http://www.nickjr.com/ - DIRECT/www.nickjr.com -
1181014433.543 241 192.168.2.2 TCP_MISS/301 641 GET http://nickjr.com/ - DIRECT/206.220.43.92 text/html
1181014618.971 182313 192.168.2.2 TCP_MISS/504 1407 GET http://www.nickjr.com/ - DIRECT/77.67.126.57 text/html

the above is the result of the last several times i tried to get to the kids favorite website on their computer.

Quote:

/var/log/squid/cache.log

2007/06/04 20:40:30| Starting Squid Cache version 2.6.STABLE12 for x86_64-redhat
-linux-gnu...
2007/06/04 20:40:30| Process ID 5502
2007/06/04 20:40:30| With 1024 file descriptors available
2007/06/04 20:40:30| Using epoll for the IO loop
2007/06/04 20:40:30| DNS Socket created at 0.0.0.0, port 32794, FD 5
2007/06/04 20:40:30| Adding nameserver 4.2.2.1 from /etc/resolv.conf
2007/06/04 20:40:30| Adding nameserver 4.2.2.2 from /etc/resolv.conf
2007/06/04 20:40:30| User-Agent logging is disabled.
2007/06/04 20:40:30| Referer logging is disabled.
2007/06/04 20:40:30| Unlinkd pipe opened on FD 10
2007/06/04 20:40:30| Swap maxSize 1048576 KB, estimated 80659 objects
2007/06/04 20:40:30| Target number of buckets: 4032
2007/06/04 20:40:30| Using 8192 Store buckets
2007/06/04 20:40:30| Max Mem size: 65536 KB
2007/06/04 20:40:30| Max Swap size: 1048576 KB
2007/06/04 20:40:30| Local cache digest enabled; rebuild/rewrite every 3600/3600
sec
2007/06/04 20:40:30| Rebuilding storage in /var/spool/squid (CLEAN)
2007/06/04 20:40:30| Using Least Load store dir selection
2007/06/04 20:40:30| Set Current Directory to /var/spool/squid
2007/06/04 20:40:30| Loaded Icons.
2007/06/04 20:40:30| Accepting transparently proxied HTTP connections at 0.0.0.0
, port 3128, FD 12.
2007/06/04 20:40:30| Accepting ICP messages at 0.0.0.0, port 3130, FD 13.
2007/06/04 20:40:30| WCCP Disabled.
2007/06/04 20:40:30| Ready to serve requests.
2007/06/04 20:40:30| Done reading /var/spool/squid swaplog (965 entries)
2007/06/04 20:40:30| Finished rebuilding storage from disk.
2007/06/04 20:40:30| 965 Entries scanned
2007/06/04 20:40:30| 0 Invalid entries.
2007/06/04 20:40:30| 0 With invalid flags.
2007/06/04 20:40:30| 965 Objects loaded.
2007/06/04 20:40:30| 0 Objects expired.
2007/06/04 20:40:30| 0 Objects cancelled.
2007/06/04 20:40:30| 0 Duplicate URLs purged.
2007/06/04 20:40:30| 0 Swapfile clashes avoided.
2007/06/04 20:40:30| Took 0.3 seconds (3353.5 objects/sec).
2007/06/04 20:40:30| Beginning Validation Procedure
2007/06/04 20:40:30| Completed Validation Procedure
2007/06/04 20:40:30| Validated 965 Entries
2007/06/04 20:40:30| store_swap_size = 37628k
2007/06/04 20:40:31| storeLateRelease: released 0 objects

the above is the cache.log output which looks okay to me, but then again i dont know much and thats why i'm writing to you guys.

i'm using this box as an transparent router to forward from an isolated class c private subnet that my children are on to my primary class c private subnet and out the router to the internet.

Iptables is setup to capture anything on the childrens subnet with a destination port of 80 and feed it into squid. i'm not currently filtering the internet with dansguardian, all requests are being forwarded.

mmm i think thats all the information i've seen requested in other posts. Please let me know if i've missed something! (: