Re: [squid-users] small req for gru,s

Hi learner,

squid learner wrote:
> Thanks dear
> please help if U can
> just i am in problem of speed
>
> many times i check direct proxy of isp work faster
> then via squid cache

There could be many things affecting the speed of your proxy in relation
to your ISP parent cache. What is your bandwidth medium and pipe?

Where is your proxy located in your network?

Which Squid version and OS are you running on your machine? How many
users is your proxy server serving? How did you install Squid in the 1st
place? What's the output of "squid -v"?

Try the following squid.conf to see if it works better:

###Start of squid.conf###

cache_effective_user squid
cache_effective_group squid

http_port 3128

cache_peer proxy-dsl.nesma.net.sa parent 8080 0
cache_peer 212.162.158.52 parent 8080 0

acl all src all
never_direct allow all

emulate_httpd_log on

cache_mem 128 MB
cache_dir aufs /usr/local/squid/var/cache 10000 16 256

cache_store_log none
cache_log /var/log/squid/cache.log
access_log /var/log/squid/cache.log

acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

logfile_rotate 10

#here your network
acl lan src 192.168.2.0/24

acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl GET method GET
acl POST method POST

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 40% 4320

#Time-to-Live (TTL) for failed request
negative_dns_ttl 2 minutes

#Time-to-Live (TTL) for positive caching of successful DNS lookups.
positive_dns_ttl 1 hours

#Time-to-Live (TTL) for negative caching of failed DNS lookups
negative_dns_ttl 2 minutes

#Time awaited before Squid respond with the error msg. "Connection timed
out."
connect_timeout 90 seconds

#Time awaited by Squid after establishment with a HTTP connection.
request_timeout 20 seconds

#Close half-closed TCP connections
half_closed_clients off

pconn_timeout 30 seconds

ie_refresh on
client_persistent_connections off

http_access allow localhost
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow lan
http_access deny all
icp_access allow all
miss_access allow all

cache_mgr mmmm@hotmail.com
visible_hostname fastcache
unique_hostname fastcache

###End of squid.conf####

After running your cache for some time, can you post the output of:

squidclient mgr:info

Last but not the least, check if there are errors in your network
interfaces.

Hope that helps.

Thanking you...

>
> here my squid.conf
> #your proxy from isp
> cache_peer proxy-dsl.nesma.net.sa parent 8080 3130
> weight=2 no-query round-robin
> cache_peer 212.162.158.52 parent 8080 0 weight=1
> no-query round-robin
> acl all src 0.0.0.0/0.0.0.0
> never_direct allow all
> #prefer_direct allow
>
> cache_mem 32 MB
> cache_dir diskd /usr/local/squid/var/cache 30000 16
> 256 Q1=72 Q2=64
> cache_store_log none
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> #=======adition for ip statics
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
> #forwarded_for of
> logfile_rotate 10
> #=== up to here
> #here your network
> acl lan src 192.168.2.0/24
> acl mylan src 0.0.0.0/24
> acl SSL_ports port 443 563
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> acl Safe_ports port 280
> acl Safe_ports port 488
> acl Safe_ports port 591
> acl Safe_ports port 777
> acl CONNECT method CONNECT
> acl GET method GET
> acl POST method POST
> # If nothing else matches, use this rule
>
> refresh_pattern . 480 50%
> 99999
>
> negative_ttl 0 minutes
> positive_dns_ttl 24 hours
> negative_dns_ttl 1 minutes
> range_offset_limit 0 KB
> connect_timeout 120 minutes
> peer_connect_timeout 30 seconds
> read_timeout 15 minutes
> request_timeout 60 seconds
> client_lifetime 1 day
> pconn_timeout 120 seconds
>
>
> shutdown_lifetime 30 seconds
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow lan
> http_access allow mylan
> http_access deny all
> icp_access allow all
> miss_access allow all
> cache_mgr mmmm@hotmail.com
> visible_hostname fastcache
> unique_hostname fastcache
> cache_effective_user squid
> cache_effective_group squid
> #httpd_accel_host vertual
> #httpd_accel_port 80
> #httpd_accel_with_proxy on
> #httpd_accel_uses_host_header on
> http_port 8080
> http_port 8586
> http_port 3128
>
>
>
> --- Tek Bahadur Limbu <teklimbu@wlink.com.np> wrote:
>
>> Hi learner,
>>
>> squid learner wrote:
>>> sir
>>> i am using squid in my lan
>> 192.168.1.0/255.255.255.0
>>> with onle one lan card
>>> the squid server ip is 192.168.1.200:8080
>>> so all clients proxy setting is 192.168.1.200:8080
>>> did changing the cachi box with two lan cards
>> make
>>> deffrence i mean speed difference
>> I am not sure if I understand your question!
>>
>> I don't think that you will see any speed difference
>> just by adding an
>> extra LAN card.
>> There is no relation between the number of network
>> cards and Squid.
>>
>> Of course, by adding the extra network card, you can
>> do many useful
>> things like making this Squid cache box the gateway
>> for your network.
>>
>> What this means is that you can now locally
>> intercept your clients web
>> requests. No manual proxy configuration in your
>> client's browsers or
>> router redirection needed.
>>
>> Then you can also make this Squid box to act as a
>> firewall for your
>> internal network.
>>
>> Finally, but not the last, you can make this Squid
>> box a bandwidth
>> shaper too.
>>
>> Thanking you...
>>
>>
>>
>>> thank you
>>>
>>>
>>>
> ____________________________________________________________________________________
>>> Be a better friend, newshound, and
>>> know-it-all with Yahoo! Mobile. Try it now.
> http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
>>>
>>>
>>>
>>
>> --
>>
>> With best regards and good wishes,
>>
>> Yours sincerely,
>>
>> Tek Bahadur Limbu
>>
>> System Administrator
>>
>> (TAG/TDG Group)
>> Jwl Systems Department
>>
>> Worldlink Communications Pvt. Ltd.
>>
>> Jawalakhel, Nepal
>>
>> http://www.wlink.com.np
>>
>> http://teklimbu.wordpress.com
>>
>
>
>
> ____________________________________________________________________________________
> Never miss a thing. Make Yahoo your home page.
> http://www.yahoo.com/r/hs
>
>
>
>

-- 
With best regards and good wishes,
Yours sincerely,
Tek Bahadur Limbu
System Administrator
(TAG/TDG Group)
Jwl Systems Department
Worldlink Communications Pvt. Ltd.
Jawalakhel, Nepal
http://www.wlink.com.np
http://teklimbu.wordpress.com