[squid-users] Squid ICAP -> Sophos SAVDI -> read_ahead_gap question
netadmin
netadmin at aicta.ro
Wed Jan 29 09:26:04 UTC 2020
> reply_body_max_size 20 MB localnet
This is the last line for the respective option, before it there are others
that set limits, for example:
reply_body_max_size 200 MB ubuntu_updates
The line has the role of blocking the download of files larger than 20 MB
for which antivirus scanning (with the current settings) takes too long.
> read_ahead_gap 20 MB
The setting was wrong, it works for my particular case, but it creates
problems when downloading the package updates for Ubuntu, which do not go
through the ICAP filter. Now I have reduced the value to 64 KB and the
problem when downloading the Ubuntu updates has disappeared.
Simultaneous download on 20 workstations, with antivirus scanning through
the ICAP server works without problems only for files of up to 10 MB and
anyway a 100% load on the processor appears for a period of several seconds
from the moment the download for customers begins.
For example, if I use wget:
wget
http://mirror.slackware.hr/slackware/slackware-13.1/slackware/kde/oxygen-icons-4.4.3-i486-1.txz
--2020-01-29 10:32:37 -
http://mirror.slackware.hr/slackware/slackware-13.1/slackware/kde/oxygen-icons-4.4.3-i486-1.txz
Connecting to 192.168.1.1:3128 ... connected.
Proxy request sent, awaiting response ... 200 OK
Length: 21117900 (20M)
Saving to: 'oxygen-icons-4.4.3-i486-1.txz'
oxygen-icons-4.4.3- 47% [========>] 9.47M 609KB / s in 18s
2020-01-29 10:33:25 (553 KB / s) - Connection closed at byte 9926425.
Retrying.
--2020-01-29 10: 33: 26-- (try: 2)
http://mirror.slackware.hr/slackware/slackware-13.1/slackware/kde/oxygen-icons-4.4.3-i486-1
.txz
Connecting to 192.168.1.1:3128 ... connected.
Proxy request sent, awaiting response ... 206 Partial Content
Length: 21117900 (20M), 11191475 (11M) remaining
Saving to: 'oxygen-icons-4.4.3-i486-1.txz'
oxygen-icons-4.4.3- 100% [+++++++++ ==========>] 20.14M 2.08MB / s in 7.9s
2020-01-29 10:33:46 (1.34 MB / s) - 'oxygen-icons-4.4.3-i486-1.txz' saved
[21117900/21117900]
I think the "read_ahead_gap 20 MB" option here helps maintain the
connection.
So the problem is not at the client-to-server connection (Squid -> Sophos
SAVDI), nor at the antivirus scan but it can be in the server-to-client
response buffer.
--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
More information about the squid-users
mailing list