|
Greetings...
We
managed to increase the number of file descriptors to 8192 on an e-smith
box. We applied some of the squid.conf tweaks suggested by the
list.
We are
a laptop school, and have as many as 1000 users online at certain times. We had
tried installs of ClarkConnect and e-smith, and we had tried various things to
improve performance. Squid with DansGuardian or SquidGuard would choke under
load. The best option we found was e-smith 5.6 with Tech-Geeks squidGuard. We
had a cron job that would restart squid every half hour to keep it functional.
Censornet and IPCop couldn't be easily installed on our hardware, so we worked
with ClarkConnect and e-smith.
Our
proxy/filter machine is a dual 900 PIII with a 36 gig UW160 scsi HD and 2 gig of
ram. The backup proxy filter (and test box) is a dual 200 with a 9 gig UW160 HD
and 512 megs of ram. We have a 10 meg pipe.
Finally the connection does not choke under load, and performance is
excellent.
We
took a fresh e-smith install and installed the http://swelltech.com/support/updates/squid/7.x/RPMS/
and installed squid-2.4.STABLE7-1rh.i386.rpm. This required an updated openssl,
and we used the openssl096-0.9.6-6.i386.rpm from rpmfind.
We
installed the squidGuard from Tech-Geeks - http://www.tech-geeks.org/servers/sme/squidGuard/squidguard3.2-README.txt
We
modified the start section of the /etc/init.d/squid file
start() {
echo 8192 > /proc/sys/fs/file-max ulimit -HSn 8192 for adir in $CACHE_SWAP; do if [ ! -d $adir/00 ]; then echo -n "init_cache_dir $adir... " $SQUID -z -F -D 2>/dev/null fi done Now
restart squid and if you check cache.log, you will discover that you are running
with 8192 file descriptors.
We
also modified squid.conf according to recommendations on this list, and have
been pleased with the results. The squid.conf mods didn't help us much without
the increased file descriptors. With the increased file descriptors, and the
following changes to squid.conf (and a smaller cache_dir), the dual 200 machine
works great under high traffic.
cache_mem 128 KB
cache_swap_low 95 cache_swap_high 98 cache_replacement_policy heap GDSF memory_replacement_policy heap GDSF cache_dir diskd /var/spool/squid 10000 32 256 cache_store_log none log_icp_queries off client_db off redirector_bypass on half_closed_clients off
server_persistent_connections off client_persistent_connections off This process works with e-smith 5.6U5 and 6.0final. After modifying the squid.conf we had to create the cache_dir with a squid -z We are running 15 redirect children. Once we sorted out these details, we wrote the e-smith
templates and moved on to another project.
We appreciate the help of folks on
the list as we have worked with this. Maybe
our experience can help someone else.
Regards... Tom
|