Re: [squid-users] Strange High CPU usage

This is a discussion on Re: [squid-users] Strange High CPU usage within the Squid Users forums, part of the Web Server and Related Forums category; Henrik Nordstrom ha scritto: >On Wed, 7 Jan 2004, Giulio Cervera wrote: > > > >>this is ...


Go Back   Usenet Forums > Web Server and Related Forums > Squid Users

Reload this Page Re: [squid-users] Strange High CPU usage

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 01-08-2004
Giulio Cervera
 
Posts: n/a
Default Re: [squid-users] Strange High CPU usage
Henrik Nordstrom ha scritto:

>On Wed, 7 Jan 2004, Giulio Cervera wrote:
>
>
>
>>this is the full acl, i have also attached the full config
>>
>>
>
>Try using half_closed_clients off
>
>Regards
>Henrik
>
>

ops ...
sorry ...
i have wrong cut & paste, i need more holiday :(
the previous msg leak some part of config
this is full (verified), and half_closed_clients is already off

do you think this acl is too big for our targer ( ~200Reqs/sec ) ?

thank's and sorry again



http_port 8080
icp_port 3130

cache_peer 194.218.2.8 parent 8080 0 proxy-only no-query
no-digest
cache_peer 194.218.2.20 parent 8080 0 proxy-only no-query
no-digest
cache_peer 10.253.16.1 sibling 8080 3130 proxy-only
cache_peer 10.253.16.2 sibling 8080 3130 proxy-only
cache_peer 10.253.16.3 sibling 8080 3130 proxy-only
#cache_peer 10.253.16.4 sibling 8080 3130 proxy-only

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

cache_mem 64 MB

cache_swap_low 85
cache_swap_high 90

maximum_object_size 65536 KB

maximum_object_size_in_memory 24 KB

ipcache_size 2048

cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

cache_dir diskd /var/cache/spool/0 28000 96 256 Q1=72 Q2=64
cache_dir diskd /var/cache/spool/1 28000 96 256 Q1=72 Q2=64
cache_dir diskd /var/cache/spool/2 28000 96 256 Q1=72 Q2=64

cache_access_log /var/cache/log/access.log
cache_log /var/cache/log/cache.log
cache_store_log none

log_ip_on_direct on

pid_filename /var/cache/run/cache.pid

ftp_user proxy@rupa.it

dns_timeout 1 minutes

hosts_file none

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320


quick_abort_min 0 KB
quick_abort_max 0 KB

positive_dns_ttl 1 hours

range_offset_limit 0 KB

read_timeout 10 minutes

half_closed_clients off

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Tunnel_ports port 443-499
acl Tunnel_no_src src 10.253.0.0/16
acl Tunnel_method method CONNECT
acl Safe_ports port 80 # http
acl Safe_ports port 81 # http 2
acl Safe_ports port 21 # ftp
acl Safe_ports port 443-499 # https
acl Safe_ports port 1025-65535 # unregistered ports
acl clients src 10.0.0.0/8
acl clients src 172.16.0.0/12
acl clients src 192.168.0.0/16
acl clients src 194.218.0.0/19
acl locallan dst 10.253.0.0/16
acl locallan dst 194.218.2.0/23
acl proxylan dst 10.253.16.0/27
acl allowed_peer src 10.253.16.1
acl allowed_peer src 10.253.16.2
acl allowed_peer src 10.253.16.3
acl allowed_peer src 10.253.16.4

acl siteallow_url url_regex -i ^.{3,4}://.*\.public\.rupa\.it
acl siteallow_dst dst 194.218.2.160/27
acl siteallow_dst dst 10.253.64.0/24
acl siteallow_dst dst 10.253.16.0/27

acl dangurl urlpath_regex -i \.id[aq]\?.{100,} # CodeRED
acl dangurl urlpath_regex -i /readme\.(eml|nws|exe) # NIMDA

acl mgmtlan src 10.253.0.0/23
acl FTP proto FTP

acl SITIRUPA dst 194.218.0.0/19
acl SITIRUPA dst 10.0.0.0/8
acl SITIRUPA dst 172.16.0.0/16

acl LLPPProxy src 10.136.1.206
acl LLPPsicoge dst 194.218.14.15

#SNMP ACL
acl SNMPallow src 127.0.0.1/32
acl SNMPallow src 10.253.0.0/16
acl snmppublic snmp_community edsaipa

http_access allow allowed_peer

http_access allow manager localhost
http_access allow manager mgmtlan
http_access deny manager

http_access deny to_localhost
http_access deny !Safe_ports
http_access deny dangurl

http_access deny Tunnel_method Tunnel_no_src !Tunnel_ports

http_access allow siteallow_url
http_access allow siteallow_dst
http_access deny locallan

http_access allow LLPPsicoge LLPPProxy
http_access deny LLPPsicoge

http_access allow clients

http_access deny all

http_reply_access allow all

icp_access allow allowed_peer
icp_access deny all

cache_peer_access 194.218.2.8 allow FTP
cache_peer_access 194.218.2.20 allow SITIRUPA
cache_peer_access 194.218.2.20 deny all
cache_peer_access 10.253.16.1 deny SITIRUPA
cache_peer_access 10.253.16.1 allow all
cache_peer_access 10.253.16.2 deny SITIRUPA
cache_peer_access 10.253.16.2 allow all
cache_peer_access 10.253.16.3 deny SITIRUPA
cache_peer_access 10.253.16.3 allow all

cache_mgr unix@edspa.it

visible_hostname caspy008.cgi.rupa.it

logfile_rotate 0

memory_pools_limit 50 MB

store_avg_object_size 25 KB

client_db off

buffered_logs off

always_direct allow proxylan
always_direct deny FTP
always_direct deny SITIRUPA
always_direct deny all

never_direct deny proxylan
never_direct allow SITIRUPA

snmp_port 3401

snmp_access allow snmppublic SNMPallow
snmp_access deny all

coredump_dir /var/cache

ignore_unknown_nameservers off

digest_rebuild_period 15 minute

digest_rewrite_period 15 minute

--

*Giulio Cervera*

EDS PA SpA
Via Atanasio Soldati 80
00155 Roma (Italy)
tel: +39 06 22739 270
fax: +39 06 22739 233
e-mail: giulio.cervera@edspa.it <mailto:giulio.cervera@edspa.it>


Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 01:33 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0