Hi,
I'm looking for some roundabout requests/second expectations for a Squid
2.7 machine (Modern quad core, 8+GB RAM, RHEL 5.4 x64) with all caching
disabled. I will not be caching any requests coming into the Squid
server (no cache_dirs, etc). All of the baseline stats that I can find
seem to
-users@squid-cache.org
Subject: Re: [squid-users] Performance (RPS) on 2.7
Baird, Josh wrote:
Hi,
I'm looking for some roundabout requests/second expectations for a
Squid
2.7 machine (Modern quad core, 8+GB RAM, RHEL 5.4 x64) with all
caching
disabled. I will not be caching any requests coming
FWIW, I'm talking about 20-30Mbit of traffic.
Josh
-Original Message-
From: Amos Jeffries [mailto:squ...@treenet.co.nz]
Sent: Tuesday, February 02, 2010 2:16 PM
To: squid-users@squid-cache.org
Subject: Re: [squid-users] Performance (RPS) on 2.7
Baird, Josh wrote:
Hi,
I'm looking
Does squid keep an internal counter of requests (HTTP, etc) per second?
All I see from 'squidclient mgr:info' is a requests per minute counter
for HTTP requests:
Number of HTTP requests received: 92
Average HTTP requests per minute since start: 26.7
Thanks,
Josh
I am trying to ignore requests from two IP addresses in my access_log.
These two hosts connect every second and do health checks of the proxy
service and I would like to eliminate the access_log spam that they
create. Here is what I am trying:
acl loadbalancers src 172.26.100.136/255.255.255.255
the other traffic. It doesn't seem that log_access is
X-Forwarded-For aware? Any ideas?
acl loadbalancers src 10.26.100.130/255.255.255.255
acl loadbalancers src 10.26.100.131/255.255.255.255
log_access deny !loadbalancers
Thanks,
Josh
From: Baird, Josh jba...@follett.com
I am trying to ignore
hosts in access_log
On Mon, 15 Mar 2010 12:15:49 -0500, Baird, Josh jba...@follett.com
wrote:
Ok, that sort of worked. I have a pair of load balancers sitting in
front of my Squid proxy farm. The load balancers insert the
X-Forwarded-For header into each HTTP request which allows Squid to log
Amos,
Do you think that what I am trying to achieve is possible?
Thanks,
Josh
-Original Message-
From: Baird, Josh
Sent: Tuesday, March 16, 2010 9:25 AM
To: Amos Jeffries; squid-users@squid-cache.org
Subject: RE: [squid-users] Ignore requests from certain hosts in access_log
Hi Amos
deny all
cache_dir null /tmp
# Misc Configuration
negative_ttl 0
-Original Message-
From: Amos Jeffries [mailto:squ...@treenet.co.nz]
Sent: Friday, March 19, 2010 6:55 PM
To: squid-users@squid-cache.org
Subject: Re: [squid-users] Ignore requests from certain hosts in access_log
Baird, Josh
@squid-cache.org
Subject: Re: [squid-users] Ignore requests from certain hosts in access_log
Baird, Josh wrote:
And, you still see the non-healthcheck, normal traffic logged using the
X-Forwarded-For information?
Yes.
Here is my entire config, maybe this will help:
snip
# We want to append
I need to configure a pair of load balancers in front of Squid to send
periodic health HTTP requests to my Squid servers to make sure they are
up and functioning properly. How should I structure this HTTP request?
A GET / results in an invalid-request. What type of request can I use
that will
What I have done is configured the load balancers to do a GET on a bogus
URL:
GET http://health.check/please/ignore
Then, to ignore these requests to prevent log spam:
acl healthcheck dstdomain health.check
log_access deny healthcheck
Thanks,
Josh
-Original Message-
From: Baird
Typically, all of our proxy clients connect to our Squid servers via
HTTP (TCP/80). If they request a HTTPS site, Squid will CONNECT to the
site and tunnel the data back to the client via HTTP.
I have a scenario now where the entire stream needs to be HTTPS:
-
From: Baird, Josh
Sent: Friday, May 07, 2010 1:17 PM
To: 'squid-users@squid-cache.org'
Subject: HTTPS and Squid
Typically, all of our proxy clients connect to our Squid servers via
HTTP (TCP/80). If they request a HTTPS site, Squid will CONNECT to the
site and tunnel the data back
Agreed. Heartbeat is likely the easiest way to achieve your active/passive
desired configuration. If you want to introduce load balancing, you can take a
look at LVS for Linux or a more expensive, hardware based solution like F5's
BigIP.
Josh
-Original Message-
From: Henrik
Hi,
We are currently running Squid 2.6 out of the RHEL 5.5 repos. We use
WebSense to filter web traffic which communicates with Squid via a
redirector plugin. HTTP blocking works fine, but when users try to
access a HTTPS page that is blocked, in IE7, the user gets a generic
The Page Cannot Be
To: Baird, Josh
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Redirector 302 Redirects not working for CONNECT
method
mån 2010-06-21 klockan 11:34 -0500 skrev Baird, Josh:
HTTP blocking works fine, but when users try to
access a HTTPS page that is blocked, in IE7, the user gets
. Is there a
way to debug this and figure out what ACL I should be using with deny_info?
Thanks,
Josh
-Original Message-
From: Henrik Nordström [mailto:hen...@henriknordstrom.net]
Sent: Monday, June 21, 2010 1:09 PM
To: Baird, Josh
Cc: squid-users@squid-cache.org
Subject: RE: [squid
Hi,
I have a pair of forward proxy's (Squid 2.6STABLE 21/EL5 averaging about
500-600requests per minute currently. All caching has been disabled.
Some users are reporting high latency and slow browsing. Below is a
snapshot of stats from Squid. Could someone tell me if anything stands
out that
Hi,
I have a Squid 2.6STABLE-21 (EL5) forward proxy that is having problems
with one site:
http://gw.vtrenz.net/?DPO95NI5KU
It looks like Squid is dropping the text in the URL after the ?,
causing the remote website to return the incorrect data:
1278944523.919 1223 172.26.103.175
Amos,
Do you have any other ideas on why this site would break using Squid?
Thanks,
Josh
Baird, Josh wrote:
Hi,
I have a Squid 2.6STABLE-21 (EL5) forward proxy that is having
problems
with one site:
http://gw.vtrenz.net/?DPO95NI5KU
It looks like Squid is dropping the text in the URL
Has anyone noticed any issues accessing Facebook this morning behind a
forward Squid proxy (I am running 2.6STABLE21/EL5). It seems like the
first time that I access the site, Squid is returning a Read Error -
Connection Reset by Peer (104). Refreshing the page usually
temporarily fixes the
Should I encounter long delays when accessing a HTTP site via IP (not
FQDN/friendly name/etc) that does not have a valid reverse DNS record?
I am encountering an issue where it takes 25-30 seconds to access a site
that does not have a valid reverse DNS record. Using Squid 2.6/EL5.
Thanks,
Josh
Sorry for the off-topic post, but this seems like a decent place to ask.
What FTP proxy are people using these days? Is there a better
alternative to Frox?
Thanks,
Josh
Are there any docs that reference performance differences between 2.6/7
and 3.1? I'm running several 2.6 clusters (forward proxy) with all
caching disabled doing 20-30mbps per node. The nodes are not far from
idle in terms of CPU and memory. They are currently running
RHEL5/x86_64. Should I
You aren't allowing tunneling/CONNECT to TCP/8081. It would appear that you
need to adjust your ACLs to allow this.
-Original Message-
From: Oscar Andrés Eraso Moncayo [mailto:oscar.er...@sisa.com.co]
Sent: Wednesday, April 27, 2011 1:07 PM
To: squid-users@squid-cache.org
Subject:
I would take a look at LVS or HAProxy.
Josh
-Original Message-
From: Billie Martin [mailto:ex.wife.bil...@gmail.com]
Sent: Monday, August 15, 2011 3:34 PM
To: squid-users@squid-cache.org
Subject: [squid-users] Can Squid Load Balancing be Dynamic/Conditional against
SNMP Monitoring?
I
Hi,
What is the best tool to use to figure out heavy users behind a Squid forward
proxy? I'm looking for throughput/usage data per client IP (we log using the
X-Forwarded-For header, so the tool would need to use this value to report on).
We are currently using RHEL5/squid-2.6.STABLE21-6.el5.
For what it's worth, I have written a ZenPack for Squid. Contact me off list
if you want a copy.
Thanks,
Josh
-Original Message-
From: Peter Gaughran [mailto:peter.gaugh...@nuim.ie]
Sent: Wednesday, March 07, 2012 9:55 AM
To: Amos Jeffries
Cc: squid-users@squid-cache.org
Subject: Re:
.. and you won't find that number, because that number does not exist. It
depends on a number of factors including, but not limited to: the type of
traffic traversing the proxy, caching/no caching, authentication methods,
architecture, Squid version, amount of traffic, traffic patterns, ACLs,
Good numbers. I believe that it would be very beneficial to the community if
you wouldn't mind sharing the kernel tweaks and squid tweaks that you used to
achieve these numbers.
Thanks,
Josh
-Original Message-
From: GarethC [mailto:gar...@garethcoffey.com]
Sent: Tuesday, March 20,
Hi,
Running 2.6.STABLE21-6 (RHEL5) here. I am unable to access
http://www.nacuboannualmeeting.org/. The error that is thrown is:
The following error was encountered:
Read Error
The system returned:
(104) Connection reset by peer
My access.log shows:
04/May/2012:08:49:03 -0500
Hi,
Running squid-2.6STABLE-6.el5 (RHEL5) here. Trying to configure NTLM
authentication. I successfully configured krb/samba and have verified
successful authentication using:
$ /usr/bin/ntlm_auth --username=jbaird
password:
NT_STATUS_OK: Success (0x0)
I can also enumerate groups and users
from the
proxy to the DC.
Does anyone have any ideas on how I can further troubleshoot this?
Thanks.
-Original Message-
From: Baird, Josh [mailto:jba...@follett.com]
Sent: Wednesday, July 18, 2012 10:01 AM
To: squid-users@squid-cache.org
Subject: [squid-users] NTLM Authentication
Hi,
I'm wondering what others are doing about non-browser applications (Anti-virus
software that fetches updates, instant messengers over HTTP, etc) that sit
behind a Squid proxy that requires NTLM authentication? These applications, in
my experience, use Windows' proxy settings to proxy
PM, Baird, Josh wrote:
Hi,
I'm wondering what others are doing about non-browser applications
(Anti-virus software that fetches updates, instant messengers over HTTP, etc)
that sit behind a Squid proxy that requires NTLM authentication? These
applications, in my experience, use Windows
http_acccess allow requirentlmhosts requirentlm
This takes care of forcing requirentlmhosts to auth, but if I have another
http_access rule that allows everyone else, what keeps requirentlmhosts from
getting out without auth?
Thanks,
Josh
-Original Message-
From: Baird, Josh
Sent: Thursday
Hi,
Can someone confirm if the include directive is supported in 2.6? I'm
running squid-2.6.STABLE21-6.el5, and have include /etc/squid/conf.d/*.conf
in my squid.conf. No errors are reported, but the configuration files do not
seem to actually be included.
Thanks,
Josh
I would probably do one RAID1 for the OS, and then one RAID10 for everything
else... but, it really depends on how much load this particular box will be
under.
Josh
-Original Message-
From: Will I am [mailto:souleesty...@gmail.com]
Sent: Monday, September 17, 2012 11:41 AM
To:
Hi,
Our Squid 2.7 proxies are failing on a specific request:
KeyValue
ResponseHTTP/1.0 400 Bad Request
Server squid
Date Wed, 28 Nov 2012 13:07:29 GMT
Content-Typetext/html
Content-Length2144
Expires Wed, 28 Nov 2012 13:07:29 GMT
X-Squid-Error
remember a compile time option in a header file to increase
this limit.
-Nin 11/30/12, Amos Jeffries squ...@treenet.co.nz wrote:
On 30/11/2012 6:06 a.m., jeffrey j donovan wrote:
On Nov 29, 2012, at 11:14 AM, Baird, Josh jba...@follett.com wrote:
Hi,
Our Squid 2.7 proxies are failing
Try again.
-Original Message-
From: m...@uninet.com.br [mailto:m...@uninet.com.br]
Sent: Wednesday, October 03, 2012 4:54 PM
To: squid-users@squid-cache.org
Subject: [squid-users] Squid3 reverse proxy ntlm authentication
Importance: High
I need to configure the Squid3 to authenticate
Hi,
We recently started having problems where our Squid 2.6
(squid-2.6.STABLE21-6.el5) proxy servers would stop serving requests. In my
cache.log, I see many of these:
2015/04/14 01:13:45| Failure Ratio at 26.15
2015/04/14 01:13:45| Going into hit-only-mode for 5 minutes...
2015/04/14
Could anyone offer any suggestions or advice to help figure out what is
causing these problems?
1) upgrade.
2) seriously, upgrade.
3) try adding via on to your squid.conf. If you start to get warnings about
forwarding loops its working. Otherwise you got big problems - see (2).
Could
Hi,
I'm running 2.6STABLE (yes, I know it's ancient) and I'm unable to increase
max_filedescr beyond 16384.
# grep max_file /etc/squid/squid.conf
max_filedesc32768
# ulimit -n
32678
# squidclient -p 80 mgr:info | grep 'Maximum number'
Maximum number of file descriptors: 16384
I
Of Baird, Josh
Sent: Tuesday, June 21, 2016 8:46 PM
To: squid-users@lists.squid-cache.org
Subject: [squid-users] Unable to increase max_filedescr
Hi,
I'm running 2.6STABLE (yes, I know it's ancient) and I'm unable to increase
max_filedescr beyond 16384.
# grep max_file /etc/squid/squid.conf
46 matches
Mail list logo
