<div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif"><div class="gmail_default" style="font-size:12.8px">hi Antony</div><div class="gmail_default" style="font-size:12.8px">thanks for you reply</div><span class="gmail-im" style="font-family:arial,sans-serif;font-size:12.8px"><div class="gmail_default" style="font-family:tahoma,sans-serif"><span class="gmail-m_-8083075746322363929gmail-im" style="font-family:arial,sans-serif;font-size:12.8px">> i setup squid on ubuntu and centos<br><br></span><span style="font-family:arial,sans-serif;font-size:12.8px">Why both?</span></div></span><div class="gmail_default" style="font-size:12.8px"><font color="#660000">because of test and because i not get the result</font><span class="gmail-im"><br style="font-family:arial,sans-serif;font-size:12.8px"><span class="gmail-m_-8083075746322363929gmail-im" style="font-family:arial,sans-serif;font-size:12.8px"><br>> with tproxy and wccp for 6 gb/s traffic<br><br></span><span style="font-family:arial,sans-serif;font-size:12.8px">What hardware are you using for that sort of traffic flow?</span></span></div><div class="gmail_default" style="font-size:12.8px"><font color="#660000">i use hp DL360 with 2 6 core processor with 3 GHZ and 64 GB RAM and 1 TB HDD<br style="font-family:arial,sans-serif;font-size:12.8px"></font><span class="gmail-im"><span class="gmail-m_-8083075746322363929gmail-im" style="font-family:arial,sans-serif;font-size:12.8px"><br>> but when i try to test squid with 40 mb/s traffic<br><br></span><span style="font-family:arial,sans-serif;font-size:12.8px">How are you generating "40 mb/s traffic"? I'm assuming that your Internet</span><br style="font-family:arial,sans-serif;font-size:12.8px"><span style="font-family:arial,sans-serif;font-size:12.8px">connection is 6Gbps as stated above, so how are you restricting this down to</span><br style="font-family:arial,sans-serif;font-size:12.8px"><span style="font-family:arial,sans-serif;font-size:12.8px">40Mbps for testing?</span></span></div><div class="gmail_default" style="font-size:12.8px"><font color="#660000">i redirect one class of ip address with 40 mb/s traffic for test of squid and i am going decide to redirect whole of traffic to squid after getting fast browsing</font><span class="gmail-im"><br style="font-family:arial,sans-serif;font-size:12.8px"><br style="font-family:arial,sans-serif;font-size:12.8px"><span style="font-family:arial,sans-serif;font-size:12.8px">> it response very slow</span><br style="font-family:arial,sans-serif;font-size:12.8px"><br style="font-family:arial,sans-serif;font-size:12.8px"><span style="font-family:arial,sans-serif;font-size:12.8px">Numbers please.</span></span></div><div class="gmail_default" style="font-size:12.8px"><font color="#660000">websites load at 2 or 1 second by direct browsing and load at 10 second or not load by squid</font> <span class="gmail-im"><br style="font-family:arial,sans-serif;font-size:12.8px"><span class="gmail-m_-8083075746322363929gmail-im" style="font-family:arial,sans-serif;font-size:12.8px"><br>> while when i use direct browsing i can browse websites very fast<br><br></span><span style="font-family:arial,sans-serif;font-size:12.8px">Is the direct traffic still being routed through the Squid server (you say</span><br style="font-family:arial,sans-serif;font-size:12.8px"><span style="font-family:arial,sans-serif;font-size:12.8px">you're using tproxy, so I assume this is an intercept machine with the traffic</span><br style="font-family:arial,sans-serif;font-size:12.8px"><span style="font-family:arial,sans-serif;font-size:12.8px">going through it between client and server)?</span></span></div><div class="gmail_default" style="font-size:12.8px"><font color="#660000">no, HTTP traffic redirect to squid by wccp and access-list config on Cisco</font></div><div class="gmail_default" style="font-family:arial,sans-serif;font-size:12.8px"><font color="#660000" face="tahoma, sans-serif"><div class="gmail_default">ip wccp 80 redirect-list wccp</div><div class="gmail_default">ip wccp 90 redirect-list wccp_to_inside</div><div class="gmail_default"><br></div><div class="gmail_default"><div class="gmail_default">ip access-list extended wccp</div><div class="gmail_default"> remark Permit http access from clients</div><div class="gmail_default"> permit tcp x.x.x.x 0.0.0.255 any eq www</div><div class="gmail_default"> deny ip any any</div><div class="gmail_default">ip access-list extended wccp_to_inside</div><div class="gmail_default"> permit tcp any eq www x.x.x.x 0.0.0.255</div><div class="gmail_default"> deny ip any any</div></div></font><span class="gmail-im"><span class="gmail-m_-8083075746322363929gmail-im" style="font-size:12.8px"><br>> i used tcpdump for tracing connections arrive time and there was no problem,<br><br></span><span style="font-size:12.8px">Arrival time where? From the origin server to Squid? From Squid to the</span><br style="font-size:12.8px"><span style="font-size:12.8px">client? What are you actually measuring?</span></span></div><div class="gmail_default" style="font-size:12.8px"><font color="#660000">yes, arriving source packets from clients to squid interface,by time that i push enter on browser address bar and getting packets on tcpdump immediately</font><span class="gmail-im"><br style="font-family:arial,sans-serif;font-size:12.8px"><span class="gmail-m_-8083075746322363929gmail-im" style="font-family:arial,sans-serif;font-size:12.8px"><br>> i used watch -d for tracing packets match by iptables rules and it was ok,<br><br></span><span style="font-family:arial,sans-serif;font-size:12.8px">Please be more specific - what did you measure and what does "OK" mean?</span></span></div><div class="gmail_default" style="font-size:12.8px"><font color="#660000">i add rule to iptables for tracing one website packets and i saw them on kern.log that matched with the rule, so if you need please tell me to send commands that i used.</font></div><div class="gmail_default" style="font-family:arial,sans-serif;font-size:12.8px"><pre dir="ltr" id="gmail-m_-8083075746322363929gmail-CA-424780031ab1596014f0f69ad96adf0be1b4279d" lang="en" style="white-space:pre-wrap"><font color="#660000"><span class="gmail-m_-8083075746322363929gmail-line">ip rule add fwmark 1 lookup 100</span>
<span class="gmail-m_-8083075746322363929gmail-line">ip route add <span class="gmail-m_-8083075746322363929gmail-ResWord">local </span><a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> dev enp3s0f0 table 100</span></font></pre><pre dir="ltr" id="gmail-m_-8083075746322363929gmail-CA-424780031ab1596014f0f69ad96adf0be1b4279d" lang="en" style="white-space:pre-wrap"><font color="#660000"><span class="gmail-m_-8083075746322363929gmail-line">iptables -t mangle -A PREROUTING -d <span class="gmail-m_-8083075746322363929gmail-ID">$LOCALIP</span> -j ACCEPT</span>
<span class="gmail-m_-8083075746322363929gmail-line">iptables -t mangle -N DIVERT</span>
<span class="gmail-m_-8083075746322363929gmail-line">iptables -t mangle -A DIVERT -j MARK --set-mark 1</span>
<span class="gmail-m_-8083075746322363929gmail-line">iptables -t mangle -A DIVERT -j ACCEPT</span>
<span class="gmail-m_-8083075746322363929gmail-line">iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT</span>
<span class="gmail-m_-8083075746322363929gmail-line">iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129</span></font></pre><font color="#660000">watch -d iptables -t mangle -vnL</font></div><span class="gmail-im" style="font-family:arial,sans-serif;font-size:12.8px"><div class="gmail_default"><br><span style="font-size:12.8px">Did you compare with and without Squid in place to see what differs?</span></div></span><div class="gmail_default" style="font-size:12.8px"><font color="#660000">no, as i told when i browsing directly it is well and packets not coming to squid and exit from cisco to internet and arrive to clients from cisco and because of traffic on cisco i can't enable debugging on it but when i browse from squid i get latency so i suppose the problem is squid or server that squid running on it</font></div><span class="gmail-im" style="font-family:arial,sans-serif;font-size:12.8px"><div class="gmail_default" style="font-family:tahoma,sans-serif"><span class="gmail-m_-8083075746322363929gmail-im" style="font-family:arial,sans-serif;font-size:12.8px"><br>> i also used iptables trace command for tracing matching iptables rules,<br>> there was no problem except i had latency on arriving packets on iptables<br>> rule while tcpdump captured packets fast, it happened when my browsing was<br>> so slow, at some times that my browsing was fast there was no latency on<br>> iptables trace log.<br><br></span><span style="font-family:arial,sans-serif;font-size:12.8px">That description is too vague to know exactly what you were measuring and what</span><br style="font-family:arial,sans-serif;font-size:12.8px"><span style="font-family:arial,sans-serif;font-size:12.8px">results you got.</span></div></span><div class="gmail_default" style="font-family:arial,sans-serif;font-size:12.8px"><pre style="white-space:pre-wrap"><font face="monospace, monospace" color="#660000">iptables -t raw -A PREROUTING -s x.x.x.x -j TRACE</font></pre><pre style="white-space:pre-wrap"><pre style="white-space:pre-wrap"><font color="#660000">iptables -t raw -A OUTPUT -s x.x.x.x -j TRACE<br></font></pre><pre style="white-space:pre-wrap"><font color="#660000">tailf /var/log/kern.log</font></pre><pre style="white-space:pre-wrap"><font color="#660000">tcpdump -e -i enp3s0f0 -d x.x.x.x dst port 80</font></pre><pre style="white-space:pre-wrap"><font color="#660000">tcpdump -e -i enp3s0f0 -s x.x.x.x src port 80</font></pre><pre style="white-space:pre-wrap"><br></pre></pre><span class="gmail-im"><span class="gmail-m_-8083075746322363929gmail-im" style="font-size:12.8px"><br>> i also used tcp and linux enhancement configurations<br><br></span><span style="font-size:12.8px">Details?</span></span></div><div class="gmail_default" style="font-family:arial,sans-serif;font-size:12.8px"><div class="gmail_default"><font color="#660000">net.core.wmem_default=524288</font></div><div class="gmail_default"><font color="#660000">net.core.wmem_max=16777216</font></div><div class="gmail_default"><font color="#660000">net.core.rmem_default=524288</font></div><div class="gmail_default"><font color="#660000">net.core.rmem_max=16777216</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_window_scaling = 1</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_rmem = 66560 524288 16777216</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_wmem = 66560 524288 16777216</font></div><div class="gmail_default"><font color="#660000">net.core.somaxconn=4000</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_timestamps=0</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_sack=0</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_fin_timeout=20</font></div><div class="gmail_default"><font color="#660000">net.ipv4.ip_local_port_range=<wbr>10240 65000</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_keepalive_time = 900</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_keepalive_intvl = 900</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_keepalive_probes = 9</font></div><div class="gmail_default"><font color="#660000">net.core.somaxconn = 5000</font></div><div class="gmail_default"><font color="#660000">net.core.netdev_max_backlog = 8000</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_max_syn_backlog = 8096</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_slow_start_after_<wbr>idle = 0</font></div><div class="gmail_default"><font color="#660000">net.ipv4.tcp_tw_reuse = 1</font></div><span class="gmail-im"><span class="gmail-m_-8083075746322363929gmail-im" style="font-size:12.8px"><br>> but nothing happened.<br>> wccp send packets very well and tcpdump show capturing packets too but<br>> browsing with squid is very slow.<br><br></span><span style="font-size:12.8px">Firstly, please define "slow" - do you mean it takes a long time for new web</span><br style="font-size:12.8px"><span style="font-size:12.8px">pages / images / etc to appear (but once they start, they arrive quickly)</span></span></div><div class="gmail_default" style="font-family:arial,sans-serif;font-size:12.8px"><span style="color:rgb(102,0,0)">browse in 10 second or not browsing, webpages that i browse for first time or i browse for multiple times</span><span style="font-size:12.8px"><br></span></div><span class="gmail-im" style="font-family:arial,sans-serif;font-size:12.8px"><div class="gmail_default"><span style="font-size:12.8px">, or </span><span style="font-size:12.8px">do you mean that a continuous stream of data (a "download") arrives more</span><br style="font-size:12.8px"><span style="font-size:12.8px">slowly when going through Squid than going direct (and if so, what are the</span><br style="font-size:12.8px"><span style="font-size:12.8px">different speeds)?</span></div></span><div class="gmail_default" style="font-family:arial,sans-serif;font-size:12.8px"><font color="#660000">no just browsing, </font><span class="gmail-im"><br style="font-size:12.8px"><br style="font-size:12.8px"><span style="font-size:12.8px">Secondly, what are you trying to achieve with Squid - what is its purpose in</span><br style="font-size:12.8px"><span style="font-size:12.8px">your network?</span><br style="font-size:12.8px"></span></div><div class="gmail_default" style="font-family:arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px"><font color="#660000">caching pages and their objects for better internet browsing by clients and save bandwith.</font></span></div><div class="gmail_default" style="font-family:arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px"><font color="#660000"><br></font></span></div><div class="gmail_default" style="font-family:arial,sans-serif;font-size:12.8px"><span style="font-size:12.8px"><font color="#660000">squid.conf</font></span></div><div class="gmail_default" style="font-family:arial,sans-serif;font-size:12.8px"><font color="#660000"><span style="font-size:12.8px"><div class="gmail_default">dns_v4_first on</div><div class="gmail_default">acl fanava_net src <a href="http://89.221.82.161/32" target="_blank">x.x.x.x/32</a> # Fanava First clients range to cache</div><div class="gmail_default">acl Safe_ports port 80<span style="white-space:pre-wrap"> </span># http</div><div class="gmail_default">acl Safe_ports port 280<span style="white-space:pre-wrap"> </span># http-mgmt</div><div class="gmail_default">acl Safe_ports port 488<span style="white-space:pre-wrap"> </span># gss-http</div><div class="gmail_default">acl Safe_ports port 777<span style="white-space:pre-wrap"> </span># multiling http</div><div class="gmail_default">acl CONNECT method CONNECT</div><div class="gmail_default">http_access allow localhost manager</div><div class="gmail_default">http_access deny manager</div><div class="gmail_default">http_access allow localhost</div><div class="gmail_default">http_access allow fanava_net</div><div class="gmail_default">http_access deny all</div><div class="gmail_default">http_port <a href="http://0.0.0.0:3128/" target="_blank">0.0.0.0:3128</a></div><div class="gmail_default">http_port <a href="http://0.0.0.0:3129/" target="_blank">0.0.0.0:3129</a> tproxy</div><div class="gmail_default">cache_mem 50 GB</div><div class="gmail_default">maximum_object_size_in_memory 100 MB</div><div class="gmail_default">minimum_object_size 2 KB</div><div class="gmail_default">maximum_object_size 6 GB</div><div class="gmail_default">#cache_dir ufs /var/spool/squid 1024000 256 512</div><div class="gmail_default">cache_swap_low 90</div><div class="gmail_default">cache_swap_high 92</div><div class="gmail_default">coredump_dir /var/spool/squid</div><div class="gmail_default"># Image files</div><div class="gmail_default">refresh_pattern -i \.(png|gif|jpg|jpeg|bmp|tif|<wbr>tiff)$ 10080 90% 43200</div><div class="gmail_default"># Compressed files</div><div class="gmail_default">refresh_pattern -i \.(zip|rar|tar|gz|tgz|z|arj|<wbr>lha|lzh|iso|deb|rpm)$ 10080 90% 43200</div><div class="gmail_default"># Binary files</div><div class="gmail_default">refresh_pattern -i \.(exe|msi)$ 10080 90% 43200</div><div class="gmail_default"># Multimedia files</div><div class="gmail_default">refresh_pattern -i \.(mp3|wav|mid|midi|ram|avi|<wbr>wmv|mpg|mpeg|mp4|swf|flv|)$ 10080 90% 43200</div><div class="gmail_default"># Document files</div><div class="gmail_default">refresh_pattern -i \.(pdf|ps|doc|ppt|xls|pps)$ 10080 90% 43200</div><div class="gmail_default"># HTML patterns</div><div class="gmail_default">refresh_pattern -i \.index.(html|htm)$ 0 40% 10080</div><div class="gmail_default">refresh_pattern -i \.default.(html|htm)$ 0 40% 10080</div><div class="gmail_default">refresh_pattern -i \.(html|htm|css|js)$ 1440 40% 40320</div><div class="gmail_default"># Default patterns</div><div class="gmail_default">refresh_pattern ^ftp: 1440 20% 10080</div><div class="gmail_default">refresh_pattern ^gopher: 1440 0% 1440</div><div class="gmail_default">refresh_pattern -i (/cgi-bin/|\?) 0 0% 0</div><div class="gmail_default">refresh_pattern . 0 20% 4320</div><div class="gmail_default">refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880</div><div class="gmail_default">cache_mgr <a href="mailto:zeutech@gmail.com" target="_blank">zeutech@gmail.com</a></div><div class="gmail_default">wccp2_router x.x.x.x</div><div class="gmail_default">wccp_version 2</div><div class="gmail_default">wccp2_rebuild_wait on</div><div class="gmail_default">wccp2_forwarding_method 2</div><div class="gmail_default">wccp2_return_method 2</div><div class="gmail_default">wccp2_service dynamic 80</div><div class="gmail_default">wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80</div><div class="gmail_default">wccp2_service dynamic 90</div><div class="gmail_default">wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80</div></span></font></div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><span style="color:rgb(0,0,255)"><span style="font-family:comic sans ms,sans-serif"><b>Regards,<br>Iraj Norouzi</b><br></span></span><br></div></div></div></div></div>
<br><div class="gmail_quote">On Tue, Sep 19, 2017 at 3:04 PM, Antony Stone <span dir="ltr"><<a href="mailto:Antony.Stone@squid.open.source.it" target="_blank">Antony.Stone@squid.open.source.it</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On Tuesday 19 September 2017 at 11:18:34, Iraj Norouzi wrote:<br>
<br>
> hi everybody<br>
> i setup squid on ubuntu and centos<br>
<br>
</span>Why both?<br>
<span class=""><br>
> with tproxy and wccp for 6 gb/s traffic<br>
<br>
</span>What hardware are you using for that sort of traffic flow?<br>
<span class=""><br>
> but when i try to test squid with 40 mb/s traffic<br>
<br>
</span>How are you generating "40 mb/s traffic"? I'm assuming that your Internet<br>
connection is 6Gbps as stated above, so how are you restricting this down to<br>
40Mbps for testing?<br>
<br>
> it response very slow<br>
<br>
Numbers please.<br>
<span class=""><br>
> while when i use direct browsing i can browse websites very fast<br>
<br>
</span>Is the direct traffic still being routed through the Squid server (you say<br>
you're using tproxy, so I assume this is an intercept machine with the traffic<br>
going through it between client and server)?<br>
<span class=""><br>
> i used tcpdump for tracing connections arrive time and there was no problem,<br>
<br>
</span>Arrival time where? From the origin server to Squid? From Squid to the<br>
client? What are you actually measuring?<br>
<span class=""><br>
> i used watch -d for tracing packets match by iptables rules and it was ok,<br>
<br>
</span>Please be more specific - what did you measure and what does "OK" mean?<br>
<br>
Did you compare with and without Squid in place to see what differs?<br>
<span class=""><br>
> i also used iptables trace command for tracing matching iptables rules,<br>
> there was no problem except i had latency on arriving packets on iptables<br>
> rule while tcpdump captured packets fast, it happened when my browsing was<br>
> so slow, at some times that my browsing was fast there was no latency on<br>
> iptables trace log.<br>
<br>
</span>That description is too vague to know exactly what you were measuring and what<br>
results you got.<br>
<span class=""><br>
> i also used tcp and linux enhancement configurations<br>
<br>
</span>Details?<br>
<span class=""><br>
> but nothing happened.<br>
> wccp send packets very well and tcpdump show capturing packets too but<br>
> browsing with squid is very slow.<br>
<br>
</span>Firstly, please define "slow" - do you mean it takes a long time for new web<br>
pages / images / etc to appear (but once they start, they arrive quickly), or<br>
do you mean that a continuous stream of data (a "download") arrives more<br>
slowly when going through Squid than going direct (and if so, what are the<br>
different speeds)?<br>
<br>
Secondly, what are you trying to achieve with Squid - what is its purpose in<br>
your network?<br>
<br>
> please help me.<br>
<br>
Please help us - give us more details about the hardware you're running this<br>
on, the version of Squid you're using, what WCCP routing / filtering you're<br>
doing, the measurements you've made and the results you got.<br>
<br>
<br>
Regards,<br>
<br>
<br>
Antony.<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
We all get the same amount of time - twenty-four hours per day.<br>
How you use it is up to you.<br>
<br>
Please reply to the list;<br>
please *don't* CC me.<br>
______________________________<wbr>_________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.<wbr>org</a><br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer" target="_blank">http://lists.squid-cache.org/<wbr>listinfo/squid-users</a><br>
</font></span></blockquote></div><br></div></div>