Squid Otimização - Help!

1. Squid Otimização - Help!

Ivan Gonzalez Pien
GonzalezRS

(usa Outra)

Enviado em 25/07/2014 - 11:07h

Olá, sou novo no fórum, e fui muito bem recomendado a postar minhas dúvidas nesse fórum.

Tenho um Servidor IPTables/SQUID, a algum tempo está 100% e agora foi adicionado mais 10 computadores em uma rede que tinha 30 computadores, então total 40 computadores.

Percebi com o tempo que a internet ficava muito lenta, fiz várias alterações no squid mas sem sucesso, posso estar errado em alguma coisa, ou não estou enxergando o problema.

Servidor Core2Quad Q8400 4Gb RAM, 500 HD


Disk /dev/sda: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders, total 976773168 sectors
Units = setores of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00097544

Dispositivo Boot Start End Blocks Id System
/dev/sda1 * 2048 960139263 480068608 83 Linux
/dev/sda2 960141310 976771071 8314881 5 Estendida
/dev/sda5 960141312 976771071 8314880 82 Linux swap / Solaris



Meu Squid


http_port 3128 intercept

cache_mem 1724 MB
maximum_object_size 512 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95

cache_dir ufs /var/spool/squid3 16000 16 256

cache_access_log /var/log/squid3/access.log

visible_hostname www.squid-cache.org
cache_mgr gonzalezrs.303030@gmail.com

coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320


error_directory /usr/share/squid3/errors/pt-br

################################################################################
# Acls Padrao
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

# Acls Personalizadas
#acl localnet src 192.168.1.0/24


acl acessobasico arp "/etc/squid3/mac.basico"
acl acessomedio arp "/etc/squid3/mac.medio"
acl acessocompleto arp "/etc/squid3/mac.total"

# Bloqueios Sites/Arquivos/Palavras
acl palavras url_regex -i "/etc/squid3/palavras.deny"

acl sitesproibidos url_regex -i "/etc/squid3/sites.deny"
acl sitesliberados url_regex -i "/etc/squid3/sites.allow"

acl downloadsproibidos url_regex -i "/etc/squid3/downloads.deny"
acl downloadsliberados url_regex -i "/etc/squid3/downloads.allow"

################################################################################ ##
# Ativar ACLs Padrão
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost

################################################################################ ##
# Ativar ACLs Personalizadas
http_access allow acessocompleto
http_access allow sitesliberados
http_access allow downloadsliberados
http_access deny downloadsproibidos
http_access allow acessomedio !sitesproibidos
http_access deny palavras
http_access deny sitesproibidos
http_access deny acessobasico !sitesliberados
#http_access deny localnet
http_access deny all



  


2. Re: Squid Otimização - Help!

Ribeiro, M.S.
ribeirosga

(usa Ubuntu)

Enviado em 25/07/2014 - 12:01h

Caro GonzalezRS, pelo visto está faltando gerenciar o uso da banda...
Vou te passar o link do tutorial do Morimoto, um dos melhores pra se estudar Squid: http://www.hardware.com.br/livros/servidores-linux/configurando-servidor-proxy-com-squid.html
Aí tem lá a parte que fala sobre a gerência do uso da banda... Acho q pode te ajudar...
Quase coisa dá um feedback...
Abraço.


3. Cache

Ivan Gonzalez Pien
GonzalezRS

(usa Outra)

Enviado em 26/07/2014 - 10:44h

Tenho analisado os logs e percebido que não está fazendo cache, estes sites sempre é aberto diariamente. Não deveria aparecer um TCP_HIT?

Sobre o controle de banda, não é o problema, pois tem um link de 40/40, e não é usado nem 10mb deles.

Desde já agradeço a colaboração.

1406381794.628 1636 192.168.1.21 TCP_MISS/200 443 GET http://dc60.s290.meetrics.net/bb-mx/submit? - DIRECT/78.46.47.12 image/gif
1406381794.664 181 192.168.1.21 TCP_MISS/200 6829 GET http://cdn.flashtalking.com/xre/89/892623/773364/js/j-892623-773364.js - DIRECT/184.85.143.211 text/javascript
1406381794.721 39 192.168.1.21 TCP_MISS/200 4171 GET http://cdn.flashtalking.com/pageFold/ftpagefold_v3.0.16.js - DIRECT/184.85.143.211 text/javascript
1406381794.731 1802 192.168.1.21 TCP_MISS/200 62837 GET http://adserv.quality-channel.de/RealMedia/ads/Creatives/qc/ON01X6971XBILLBOARDHOME06/04_LOTTO_6aus4...? - DIRECT/194.64.250.200 application/x-shockwave-flash
1406381794.759 1241 192.168.1.21 TCP_MISS/200 27534 GET http://adserv.quality-channel.de/RealMedia/ads/Creatives/qc/ON01X6684XLOGOBOXHOME/NEUDE_Logo_Adjustm... - DIRECT/194.64.250.200 image/jpeg
1406381794.872 165 192.168.1.21 TCP_MISS/200 64395 GET http://cdn.flashtalking.com/xre/89/892623/773364/swf/sparen_xx_xx_wp_910x110-200x600-sb-dr.swf - DIRECT/184.85.143.211 application/x-shockwave-flash
1406381794.925 242 192.168.1.21 TCP_MISS/200 1557 GET http://servedby.flashtalking.com/imp/2/36348;892624;201;js;SpiegelDE;v0101FIXhomepage26072014sparenw...? - DIRECT/216.38.162.131 text/javascript
1406381794.979 45 192.168.1.21 TCP_MISS/200 6830 GET http://cdn.flashtalking.com/xre/89/892624/773361/js/j-892624-773361.js - DIRECT/184.85.143.211 text/javascript
1406381794.986 195 192.168.1.21 TCP_MISS/200 519 GET http://stat.flashtalking.com/reportV3/ft.stat? - DIRECT/177.159.181.161 text/plain
1406381795.001 162 192.168.1.21 TCP_MISS/200 519 GET http://stat.flashtalking.com/reportV3/ft.stat? - DIRECT/177.159.181.161 text/plain
1406381795.077 72 192.168.1.21 TCP_MISS/200 519 GET http://stat.flashtalking.com/reportV3/ft.stat? - DIRECT/177.159.181.161 text/plain
1406381795.229 114 192.168.1.21 TCP_MISS/200 81558 GET http://cdn.flashtalking.com/xre/89/892624/773361/swf/sparen_xx_xx_wp_910x110-200x600-sky-dr.swf - DIRECT/184.85.143.211 application/x-shockwave-flash
1406381795.401 687 192.168.1.21 TCP_MISS/200 721 GET http://t4ft.de/tp/? - DIRECT/46.20.32.67 image/gif
1406381795.522 507 192.168.1.21 TCP_MISS/200 449 GET http://adserv.quality-channel.de/RealMedia/ads/adstream_lx.ads/www.spiegel.de/homepage/center/L30/12...? - DIRECT/194.64.250.200 image/gif
1406381795.534 515 192.168.1.21 TCP_MISS/200 449 GET http://adserv.quality-channel.de/5/www.spiegel.de/homepage/center/L30/1386108306/Bottom1/qc/ON30X200...? - DIRECT/194.64.250.200 image/gif
1406381795.586 578 192.168.1.21 TCP_MISS/200 721 GET http://t4ft.de/tp/? - DIRECT/46.20.32.67 image/gif
1406381795.591 44 192.168.1.21 TCP_MISS/200 519 GET http://stat.flashtalking.com/reportV3/ft.stat? - DIRECT/177.159.181.161 text/plain
1406381795.604 577 192.168.1.21 TCP_MISS/200 449 GET http://adserv.quality-channel.de/5/www.spiegel.de/homepage/center/L30/1230029579/TopRight/qc/flash-t...? - DIRECT/194.64.250.200 image/gif
1406381795.621 602 192.168.1.21 TCP_MISS/302 551 GET http://adserv.quality-channel.de/RealMedia/ads/cap.cgi? - DIRECT/194.64.250.200 application/x-httpd-cgi
1406381795.632 918 192.168.1.21 TCP_MISS/200 11623 GET http://t4ft.de/c/ftg_vis.min.js - DIRECT/46.20.32.67 application/javascript
1406381795.791 44 192.168.1.21 TCP_MISS/200 519 GET http://stat.flashtalking.com/reportV3/ft.stat? - DIRECT/177.159.181.161 text/plain
1406381796.003 969 192.168.1.21 TCP_MISS/200 1048 GET http://biscuittin.net/biscuittin-tracking/track/campaign/spiegel_qc_pb_d? - DIRECT/178.208.99.72 text/html
1406381796.074 78 192.168.1.21 TCP_MISS/200 519 GET http://stat.flashtalking.com/reportV3/ft.stat? - DIRECT/177.159.181.161 text/plain
1406381796.226 507 192.168.1.21 TCP_MISS/200 2392 GET http://adserv.quality-channel.de/RealMedia/ads/Creatives/qc/ON23XX4454XX2013X21/ON23XX4454XX2013X21_...? - DIRECT/194.64.250.200 text/html
1406381796.469 1055 192.168.1.21 TCP_MISS/200 40178 GET http://adserv.quality-channel.de/RealMedia/ads/Creatives/qc/ON02X20005XX1/2f1_s79_230_230.swf? - DIRECT/194.64.250.200 application/x-shockwave-flash
1406381796.534 514 192.168.1.21 TCP_MISS/200 685 GET http://biscuittin.net/biscuittin-tracking/tracking.js - DIRECT/178.208.99.72 application/javascript
1406381796.580 560 192.168.1.21 TCP_MISS/200 1109 GET http://biscuittin.net/biscuittin-tracking/clientidsupporter.js - DIRECT/178.208.99.72 application/javascript
1406381797.094 497 192.168.1.21 TCP_MISS/302 487 GET http://biscuittin.net/biscuittin-tracking/track/campaign/spiegel_qc_pb_d/client/6c83cca0-79f7-46c4-babb-4879fddd9965? - DIRECT/178.208.99.72 -
1406381797.339 810 192.168.1.21 TCP_MISS/200 570 GET http://wlresults.westlotto.com/crossdomain.xml - DIRECT/194.25.144.208 application/xml
1406381797.591 278 192.168.1.21 TCP_MISS/200 443 GET http://dc60.s290.meetrics.net/bb-mx/submit? - DIRECT/78.46.47.12 image/gif
1406381797.612 514 192.168.1.21 TCP_MISS/200 2398 GET http://biscuittin.net/biscuittin-tracking/1x1.gif - DIRECT/178.208.99.72 image/gif
1406381797.842 493 192.168.1.21 TCP_MISS/200 1268 GET http://wlresults.westlotto.com/wlinfo/WL_InfoService? - DIRECT/194.25.144.208 text/xml
1406381797.922 297 192.168.1.21 TCP_MISS/200 2008 GET http://www.spiegel.de/favicon.ico - DIRECT/62.138.116.3 image/x-icon
1406381799.825 74 192.168.1.21 TCP_MISS/200 519 GET http://stat.flashtalking.com/reportV3/ft.stat? - DIRECT/177.159.181.161 text/plain
1406381800.074 74 192.168.1.21 TCP_MISS/200 519 GET http://stat.flashtalking.com/reportV3/ft.stat? - DIRECT/177.159.181.161 text/plain
1406381803.229 563 192.168.1.21 TCP_MISS/200 443 GET http://dc60.s290.meetrics.net/bb-mx/submit? - DIRECT/78.46.47.12 image/gif









Patrocínio

Site hospedado pelo provedor RedeHost.
Linux banner

Destaques

Artigos

Dicas

Tópicos

Top 10 do mês

Scripts