Hi,
I'd suggest:
1) memory_pools on (and memory_pools_limit 50MB should be enough).
2) make sure that you have enough FDs available (cache manager may be useful).
3) make sure your squid use kqueue/epoll rather than poll/select.
4) Monitoring FD usage & ipcache size is a good idea.
5) aufs should be nice enough.
6) mount your cache dirs with async and noatime. If its reiserfs (I
do not recommend it), add notail.
7) Unless your squid fakes it's ip address on the server side, I'd
recommend to leave 'forwarded_for on'.
HTH,
On 2/12/07, Troy <t33r0y@gmail.com> wrote:
> Hello,
>
> I was wondering if there were any configuration recommendations for
> Squid in large environments. We have approximately 4000+ users.
> Below is my squid configuration as it stands now without the acl and
> cache_peer_access (and a few other) lines. System configuration is
> below that. I know this is a dual CPU and squid does not really take
> advantage of this configuration. Also, after reading a few of the
> posts here I have been seriously considering removing the RAID1
> configuration on the drives.
>
> http_port 3128
> acl QUERY urlpath_regex cgi-bin \?
> acl SSL method CONNECT
> acl PURGE method PURGE
> no_cache deny QUERY
> cache_mem 768 MB
> max_filedesc 8192
> maximum_object_size 1024 KB
> maximum_object_size_in_memory 128 KB
> ipcache_size 4096
> fqdncache_size 4096
> cache_dir aufs /var/spool/squid_cache 4000 16 256
> #cache_dir null /tmp
> cache_store_log none
> cache_access_log /var/log/squid/access.log
> logfile_rotate 60
> #debug_options ALL,9
> quick_abort_min 16 KB
> quick_abort_max 8192 KB
> quick_abort_pct 50
> negative_ttl 1 minutes
> positive_dns_ttl 1 hours
> negative_dns_ttl 1 minutes
> range_offset_limit 1024 KB
> shutdown_lifetime 10 seconds
>
> memory_pools off
> query_icmp off
> test_reachability off
> buffered_logs on
> never_direct allow all
> snmp_port 3401
> snmp_access allow snmppublic localhost
> snmp_access allow snmppublic mgmt
> snmp_access allow snmppublic proxy_net
> snmp_access deny all
> max_open_disk_fds 0
> uri_whitespace allow
> nonhierarchical_direct off
> prefer_direct off
> strip_query_terms on
> coredump_dir /var/spool/squid
> ignore_unknown_nameservers off
> client_persistent_connections on
> server_persistent_connections on
> half_closed_clients on
> pipeline_prefetch on
> request_entities on
> ie_refresh on
> forwarded_for off
>
>
> HP DL-380 G4
> Dual 3.2GHz CPU
> 4GB Memory
> 2x72GB Drives - RAID 1 - Operating System
> 2x146GB Drives - RAID 1 - Cache
>
> If more information is needed, please let me know.
>
> Thank you,
> Troy
>
-- Gonzalo A. AranaReceived on Mon Feb 12 2007 - 13:31:39 MST
This archive was generated by hypermail pre-2.1.9 : Thu Mar 01 2007 - 12:00:01 MST