[squid-users] High response times with Squid
Amos Jeffries
squid3 at treenet.co.nz
Fri Feb 15 03:53:50 UTC 2019
On 14/02/19 11:38 pm, Ahmad, Sarfaraz wrote:
> Hi again,
> I made some progress on this.
> To reiterate, I am peeking at the SNI and then bump all connections to the origin server in context of this problem. ( the origin server is seamless.com )
>
> Here are the new findings ,
> 1) The 20sec lag is noticed even when I splice the connection.
> 2) It 99% has to do with the following slow ACL acl.
>
> acl deny_explicit_dstdomain dstdomain "/etc/squid/acls/deny_explicit_dstdomain"
>
> I see PTR lookups failing when Squid tries to validate my ACLs. When I disable that ACL, the 20second lag is gone. So I am pretty confident that subsequent PTR lookups are causing the delay here.
> I don't see a configuration directive with which I can configure how many times Squid retries the lookup.
> I see one that sets the timeout though (dns_timeout defaults 30 seconds).
>
> Could you guys give me some pointers on what could be happening here ?
Only repeat back to you what you have described to us ... DNS PTR
lookups are slow.
Your squid.conf is needed to know where those lookups are happening and
see if any can be avoided.
Amos
More information about the squid-users
mailing list