Página 1 de 5 12345 ÚltimoÚltimo
+ Responder ao Tópico



  1. Pessoal,

    tenho um debian leny com duas placas 10/100Mpbs intel ela tem IP: 200.x.x.x.x na placa eth1 e 10.0.1.254 na placa eth0 que é o gw da rede interna...as máquinas que pingam no ip 10.0.1.254 tem resposta de latência muita alta chegando a 600ms e quando paro o squid pinga a 1ms então estou notando que o problema está no squid...já desativei o cache full mas continua do mesmo jeito...o que posso fazer para melhorar? estou com o squid 2.7 e configuração abaixo:
    Código :
    #NOME DO SERVIDOR#####################################################
    visible_hostname DebianLinux
    ######################################################################
    #IP+PORTA USADA ####################################################
    http_port 10.0.1.254:3128
    ######################################################################
    icp_port 0
    ######################################################################
    #CACHE USADO-METADE DA RAM)###########################################
    cache_mem  256 MB
    ######################################################################
    #Cache Swap###########################################################
    cache_swap_low  80
    cache_swap_high 90
    ######################################################################
    #OBJECT_SIZE##########################################################
    maximum_object_size 200 MB
    minimum_object_size 0 KB
    #tamanho m�ximo dos objetos alocados na mem�ria.
    maximum_object_size_in_memory 256 KB
    ######################################################################
    #DIRETORIOS DO CACHE MULTIPLOS########################################
    cache_dir aufs /var/cachesquid1  5000 16 256
    cache_dir aufs /var/cachesquid2 5000 16 256
    cache_dir aufs /var/cachesquid3 5000 16 256
    #cache_dir aufs /var/cachesquid4 2900 128 512
    #cache_dir aufs /var/cachesquid5 2900 128 512
    # Resolve um problema com conex�es persistentes que ocorre com certos servidores,
    # e que provoca delays em nosso cache.
    detect_broken_pconn on
     
    # Provoca um ganho de performance ao usar conex�es Pipeline (requisi��es em
    # paralelo)
    pipeline_prefetch on
     
     
    #DNS squid cache
    dns_nameservers 10.0.1.254
    #dns_nameservers 127.0.1.1
     
    #####################################################################
    #LOGS################################################################
    cache_access_log /var/log/squid/access.log
    cache_log /var/log/squid/cache.log
    cache_store_log none
    #####################################################################
    #REGRA AUTENTICACAO
    auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
    auth_param basic children 3
    authenticate_ttl 10 minutes
    authenticate_ip_ttl 0
    ####################################################################
    request_body_max_size 0 MB
    ####################################################################
    #ACL's########################################################
    #SITES QUE N�O PRECISAM DE AUTENTICACAO COM SENHA
    acl NO_AUTH url_regex -i '/etc/squid/no_auth_url'
    http_access allow NO_AUTH
    #################################################
    #SITES BLOQUEADOS PARA QUALQUER USUARIO
    #acl BLOCK url_regex -i  '/etc/squid/bloqueados'
    #http_access deny BLOCK
    #################################################
    #MSN S� PARA USUARIOS DESSA ACL##################
    acl bloqueiamsn url_regex -i "/etc/squid/bloqueiamsn"
    acl g_liberado proxy_auth amandacarlos  alisson roze neide ademario wpsc  luiz.roma marinalva natasha fernando rmartins vicente inspetor   diego handerson
    http_access deny bloqueiamsn !g_liberado
    #################################################
    ##### BLOQUEIO DE DOWNLOAD DAS EXTENSOES ABAIXO##
    acl EXTENSOES url_regex -i  \.arj  \.mp3 \.bat \.pif \.scr \.src  \.wma \.avi \.wmv \.pps \.ppt \.rar
    http_access deny EXTENSOES
    #################################################
    #REGRAS GERAIS###################################
    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
     
    acl SSL_ports port 443 4243 563
    acl Safe_ports port 80 21 443 563 70 210 1025-65535
    acl Safe_ports port 280         # http-mgmt
    acl Safe_ports port 488         # gss-http
    acl Safe_ports port 591         # filemaker
    acl Safe_ports port 777         # multiling http
    acl CONNECT method CONNECT
    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localhost
     
     
    #CACHE FULL
    #refresh_pattern (/cgi-bin/|\?) 0 0% 0
    #refresh_pattern . 0 20% 4
     
    #adicionado para testes
    #refresh_pattern ^ftp: 15 20% 2280
    #refresh_pattern ^gopher: 15 0% 2280
    #refresh_pattern . 15 20% 2280
     
     
    #-----------------------------------------------
    #OPÃOES DE REDIRECIONAMENTO THUNDERCACHE
    url_rewrite_children 10
    acl store_rewrite_list dstdomain -i "/etc/squid/thunder.lst"
    url_rewrite_access allow store_rewrite_list
    url_rewrite_access deny all
    url_rewrite_program /etc/squid/loader.php
    ##nega cache local, para nãoo haver duplicação
    acl localcache dstdomain 10.0.1.254
    cache deny localcache
    #-----------------------------------------------
     
     
    #FTP
    ftp_passive on
    ftp_sanitycheck on
     
     
     
    #Estas 'refresh_pattern' fazem com que o squid mantenha o maximo
    #possivel um objeto em cache, aumentando o cache HIT e byte HIT
     
    refresh_pattern -i \.jpg$ 0 50% 21600 reload-into-ims
    refresh_pattern -i \.gif$ 0 50% 21600 reload-into-ims
    refresh_pattern -i \.png$ 0 50% 21600 reload-into-ims
    refresh_pattern -i \.jpeg$ 0 50% 21600 reload-into-ims
    refresh_pattern -i \.bmp$ 0 50% 21600 reload-into-ims
    refresh_pattern -i \.tif$ 0 50% 21600 reload-into-ims
    refresh_pattern -i \.tiff$ 0 50% 21600 reload-into-ims
    refresh_pattern -i \.swf$ 0 50% 21600 reload-into-ims
    refresh_pattern -i \.exe$ 0 50% 21600 reload-into-ims
    refresh_pattern -i \.php$ 0 20% 1440 reload-into-ims
    refresh_pattern -i \.html$ 0 20% 1440 reload-into-ims
    refresh_pattern -i \.htm$ 0 20% 1440 reload-into-ims
    refresh_pattern -i \.shtml$ 0 20% 1440 reload-into-ims
    #ZPH cache FULL
    zph_local 0x60
    zph_mode tos
    zph_option 136
    zph_parent 0
    zph_sibling 0
     
     
    #SITES QUE N�O ENTRAM NO CACHE###################
    acl NO_CACHE url_regex -i '/etc/squid/no_cache_url'
    no_cache deny NO_CACHE
    #################################################
    #AUTENTICA��ES POR USUARIO#######################
     
    #Amanda
    acl u_amandacarlos proxy_auth amandacarlos
    etc.....(todos usuarios)
     
     
    ####################################################################
    #LIBERAR AUTENTICACAO################################################
      acl autenticados proxy_auth REQUIRED
      http_access allow autenticados
    #####################################################################
    miss_access allow all
    cache_mgr root
    memory_pools on
    #####################################################################
    #BLOQUEIA TUDO#######################################################
     http_access deny all
    ####################################################################

    e ai o que posso fazer pois por causa dessa latência alta minha telefonia voip não está funcionando e como ver qual máquina da rede está mandando muita requisição para o squid??

    OBS.: o servidor é um P4 2.66 + 1GB de memoria dd400 + 160GB sata rodando iptables, squid(thundercache e cache full + proxy autenticado) + qoS htb+tc +sarg + dns
    Última edição por osmano807; 24-06-2010 às 17:09. Razão: Correção do título

  2. Amigo eu não manjo muito mais o hd é pequeno para squid.. e thundercache e tem pouca memoria, com o squid.conf a galera que tem mais conhecimento vai te da uma ajuda.



  3. amigo mas estou usando 20% do Hd...minha rede não é tão grande assim...tenho 40 máquinas requisitando.memória estou com 60% em uso.

  4. Amigo a unica coisa que acheu estranho, pois eu não tenho experiencia eu vi aqui no meu que você coloco diferente eu sinceramente eu não sei a diferença. Vo postar como o meu tá;

    #porta usada
    http_port 3128 transparent

    Desculpe se falei besteira, pois não manjo muito, se quiser eu posto meu squid.conf para você da uma olhada. t+



  5. alterei como vc pediu mas continua do mesmo jeito...latência alta...vou tirar o DNS dele e deixar só o DNS da embratel no /etc/resolv.conf

    posto aqui depois e o transparent é para quem usa squid transparente como o nome já diz o meu é autenticado.






Tópicos Similares

  1. Latencia alta em rede
    Por madaraxdxd no fórum Redes
    Respostas: 7
    Último Post: 29-03-2017, 13:39
  2. Latência Alta em Rede com 2000 Clientes
    Por adelsonbbg no fórum Redes
    Respostas: 12
    Último Post: 17-01-2012, 14:35
  3. Latência Alta em Rede 5 Ghz
    Por UmDiaFrio no fórum Redes
    Respostas: 4
    Último Post: 23-12-2011, 18:59
  4. Latência alta em rede cabeada
    Por Cybervix no fórum Redes
    Respostas: 17
    Último Post: 02-09-2009, 10:44
  5. Mikrotik com latência alta na rede cabeada
    Por tekinowaza no fórum Redes
    Respostas: 10
    Último Post: 17-06-2008, 23:01

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L