Hello, I'm going to summarize this..
Basically, I have the squid port running on 4.6 i386 GENERIC and it is
considerably slow. I have about 8 offices running similar configuration and
they all exhibit similar behavior. When I turn off the proxy I get mad
download speeds. When I turn the proxy on I get a fraction of my maximum
throughput. I have been running tests from speedtest.net and I get ~20M down
without proxy turned on, and ~5M down with it on.. My upload stays about the
same ~2.5M. I've done these tests quite a few times and it seems very
consistent. This doesn't seem acceptable..
I also tried tinyproxy just to compare/contrast and I get the same speeds
through that as well. Both were installed from ports. I've done quite a bit of
trying different things and reading online, but I don't see any clues to
something where it's obviously not squid specific.
Any help is greatly appreciated.
Some specs from my primary test firewall:
cpu0: Intel(R) Xeon(TM) CPU 2.80GHz ("GenuineIntel" 686-class) 2.81 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,CNXT-ID,CX16,xTPR
real mem = 2146795520 (2047MB)
avail mem = 2067058688 (1971MB)
Squid.conf (from the machine I did the most testing from, and that has the
most bandwidth and users):
http_port XXX.XXX.0.108:3128
hierarchy_stoplist cgi-bin ?
cache_dir null /tmp
cache_access_log /var/squid/logs/access.log
cache_store_log none
dns_nameservers localhost
redirect_children 10
redirect_rewrites_host_header off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl proxy_users_port myport 3128
http_access allow all
http_access deny all
http_reply_access allow all
icp_access allow all
tcp_outgoing_address XX.XXX.XX.81
cache_mgr [email protected]
coredump_dir /var/squid/cache
