SQUID and RAM


Post by FoxDW » 2009-01-20 11:07:23

FreeBSD 7.0, 2 GB of RAM, about 30 users. It starts out at ~100 MB and grows by roughly 100 every day.

How can I stop or control this? As I understand it, cache_mem 512 MB does not limit how much memory it can eat.

Code:

# Physical memory / 3
cache_mem 512 MB
# Max out Squid I/O perfomance, 15 GB cache and use Squid special diskd
# but you need to recompile the kernel
# To use disk you need to --enable-storeio=diskd,ufs
# Reasonable values for Q1 and Q2 are 72 and 64, respectively.
# Q1 value must bigger Q2
#cache_dir diskd /usr/local/squid/cache 15360 16 256 Q1=72 Q2=64
cache_dir ufs /usr/local/squid/cache 15360 16 256


cache_replacement_policy GDSF

# Avoid caching cgi scripts
acl QUERY urlpath_regex cgi-bin
no_cache deny QUERY

# I dont want to log anything
# The reason is to save some expensive I/O operation.
cache_access_log /usr/local/squid/logs/access.log
cache_store_log none
cache_log /usr/local/squid/logs/cache.log
logfile_rotate 10

Post by Bormental » 2009-01-20 11:11:18

FoxDW wrote: FreeBSD 7.0, 2 GB of RAM, about 30 users. It starts out at ~100 MB and grows by roughly 100 every day.

How can I stop or control this? As I understand it, cache_mem 512 MB does not limit how much memory it can eat.

Code:

# Physical memory / 3
cache_mem 512 MB
# Max out Squid I/O perfomance, 15 GB cache and use Squid special diskd
# but......e_log none
cache_log /usr/local/squid/logs/cache.log
logfile_rotate 10
The maximum amount of RAM Squid occupies depends directly on the size of the disk space allocated for the cache; I won't lie, but roughly 100 MB of RAM goes to 8 GB of cache... If you miscalculated and it goes beyond the available RAM, I can suggest setting up an automatic reboot once a day, or else clearing the cache and building it again from scratch.

Post by FoxDW » 2009-01-20 11:14:11

Well, going by that, it should consume no more than 300, yet it gets up to 1200; after that I simply restarted it. I would like to understand how to control this; a reboot does not seem like a very good way out to me.

Post by Bormental » 2009-01-20 11:19:45

FoxDW wrote: Well, going by that, it should consume no more than 300, yet it gets up to 1200; after that I simply restarted it. I would like to understand how to control this; a reboot does not seem like a very good way out to me.

Could you post the whole config?

Post by FoxDW » 2009-01-20 11:23:03

Code:

# created by SAMS _sams_ 2009-1-20 11:1:52
# OPTIONS FOR AUTHENTICATION
# -----------------------------------------------------------------------------
		  		  
#  TAG: auth_param
#	This is used to define parameters for the various authentication
#	schemes supported by Squid.
#
#	format: auth_param scheme parameter [setting]
#
#
auth_param basic program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param basic children 10

auth_param basic program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 10
auth_param basic realm ELITEAUTOCOMPANY
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off


# ACCESS CONTROLS
# -----------------------------------------------------------------------------

#  TAG: external_acl_type
#	This option defines external acl classes using a helper program
#	to look up the status
#
#
#Default:
# none

#  TAG: acl
acl _sams_default proxy_auth "/usr/local/etc/squid/default.sams" 
acl _sams_default_time time MTWHFAS 00:00-23:59
acl _sams_48f2a0c01a7e7 proxy_auth "/usr/local/etc/squid/48f2a0c01a7e7.sams" 
acl _sams_48f2a0c01a7e7_time time MTWHFAS 00:00-23:59
acl _sams_493f2935ab11e proxy_auth "/usr/local/etc/squid/493f2935ab11e.sams" 
acl _sams_493f2935ab11e_time time MTWHFAS 08:00-18:00
acl _sams_4942350be59b2 proxy_auth "/usr/local/etc/squid/4942350be59b2.sams" 
acl _sams_4942350be59b2_time time MTWHFAS 18:00-23:59
#	Defining an Access List
#
#	Every access list definition must begin with an aclname and acltype, 
#	followed by either type-specific arguments or a quoted filename that
#	they are read from.
#
#	   acl aclname acltype argument ...
#	   acl aclname acltype "file" ...
#
#	When using "file", the file should contain one item per line.
#
#	By default, regular expressions are CASE-SENSITIVE.  To make
#	them case-insensitive, use the -i option.
#
#
#	***** ACL TYPES AVAILABLE *****
#
#	acl aclname src ip-address/netmask ...		# clients IP address
#	acl aclname src addr1-addr2/netmask ...		# range of addresses
#	acl aclname dst ip-address/netmask ...		# URL host's IP address
#	acl aclname myip ip-address/netmask ...		# local socket IP address
#
#	acl aclname arp      mac-address ... (xx:xx:xx:xx:xx:xx notation)
#	  # The arp ACL requires the special configure option --enable-arp-acl.
#	  # Furthermore, the ARP ACL code is not portable to all operating systems.
#	  # It works on Linux, Solaris, Windows, FreeBSD, and some other *BSD variants.
#	  #
#	  # NOTE: Squid can only determine the MAC address for clients that are on
#	  # the same subnet. If the client is on a different subnet, then Squid cannot
#	  # find out its MAC address.
#
#	acl aclname srcdomain   .foo.com ...    	# reverse lookup, from client IP
#	acl aclname dstdomain   .foo.com ...    	# Destination server from URL
#	acl aclname srcdom_regex [-i] \.foo\.com ...	# regex matching client name
#	acl aclname dstdom_regex [-i] \.foo\.com ...	# regex matching server
#	  # For dstdomain and dstdom_regex a reverse lookup is tried if a IP
#	  # based URL is used and no match is found. The name "none" is used
#	  # if the reverse lookup fails.
#
#	acl aclname src_as number ...
#	acl aclname dst_as number ...
#	  # Except for access control, AS numbers can be used for
#	  # routing of requests to specific caches. Here's an
#	  # example for routing all requests for AS#1241 and only
#	  # those to mycache.mydomain.net:
#	  # acl asexample dst_as 1241
#	  # cache_peer_access mycache.mydomain.net allow asexample
#	  # cache_peer_access mycache_mydomain.net deny all
#
#	acl aclname time [day-abbrevs] [h1:m1-h2:m2]
#	  #  day-abbrevs:
#	  #	S - Sunday
#	  #	M - Monday
#	  #	T - Tuesday
#	  #	W - Wednesday
#	  #	H - Thursday
#	  #	F - Friday
#	  #	A - Saturday
#	  #  h1:m1 must be less than h2:m2
#
#	acl aclname url_regex [-i] ^http:// ...		# regex matching on whole URL
#	acl aclname urlpath_regex [-i] \.gif$ ...	# regex matching on URL path
#
#	acl aclname port 80 70 21 ...
#	acl aclname port 0-1024 ...		# ranges allowed
#	acl aclname myport 3128 ...		# (local socket TCP port)
#	acl aclname myportname 3128 ...		# http(s)_port name
#
#	acl aclname proto HTTP FTP ...
#
#	acl aclname method GET POST ...
#
#	acl aclname http_status 200 301 500- 400-403 ...     # status code in reply
#
#	acl aclname browser [-i] regexp ...
#	  # pattern match on User-Agent header (see also req_header below)
#
#	acl aclname referer_regex [-i] regexp ...
#	  # pattern match on Referer header
#	  # Referer is highly unreliable, so use with care
#
#	acl aclname ident username ...
#	acl aclname ident_regex [-i] pattern ...
#	  # string match on ident output.
#	  # use REQUIRED to accept any non-null ident.
#
#	acl aclname proxy_auth [-i] username ...
#	acl aclname proxy_auth_regex [-i] pattern ...
#	  # list of valid usernames
#	  # use REQUIRED to accept any valid username.
#	  #
#	  # NOTE: when a Proxy-Authentication header is sent but it is not
#	  # needed during ACL checking the username is NOT logged
#	  # in access.log.
#	  #
#	  # NOTE: proxy_auth requires a EXTERNAL authentication program
#	  # to check username/password combinations (see
#	  # auth_param directive).
#	  #
#	  # NOTE: proxy_auth can't be used in a transparent/intercepting proxy
#	  # as the browser needs to be configured for using a proxy in order
#	  # to respond to proxy authentication.
#
#	acl aclname snmp_community string ...
#	  # A community string to limit access to your SNMP Agent
#	  # Example:
#	  #
#	  #	acl snmppublic snmp_community public
#
#	acl aclname maxconn number
#	  # This will be matched when the client's IP address has
#	  # more than <number> HTTP connections established.
#
#	acl aclname max_user_ip [-s] number
#	  # This will be matched when the user attempts to log in from more
#	  # than <number> different ip addresses. The authenticate_ip_ttl
#	  # parameter controls the timeout on the ip entries.
#	  # If -s is specified the limit is strict, denying browsing
#	  # from any further IP addresses until the ttl has expired. Without
#	  # -s Squid will just annoy the user by "randomly" denying requests.
#	  # (the counter is reset each time the limit is reached and a
#	  # request is denied)
#	  # NOTE: in acceleration mode or where there is mesh of child proxies,
#	  # clients may appear to come from multiple addresses if they are
#	  # going through proxy farms, so a limit of 1 may cause user problems.
#
#	acl aclname req_mime_type [-i] mime-type ...
#	  # regex match against the mime type of the request generated
#	  # by the client. Can be used to detect file upload or some
#	  # types HTTP tunneling requests.
#	  # NOTE: This does NOT match the reply. You cannot use this
#	  # to match the returned file type.
#
#	acl aclname req_header header-name [-i] any\.regex\.here
#	  # regex match against any of the known request headers.  May be
#	  # thought of as a superset of "browser", "referer" and "mime-type"
#	  # ACLs.
#
#	acl aclname rep_mime_type [-i] mime-type ...
#	  # regex match against the mime type of the reply received by
#	  # squid. Can be used to detect file download or some
#	  # types HTTP tunneling requests.
#	  # NOTE: This has no effect in http_access rules. It only has
#	  # effect in rules that affect the reply data stream such as
#	  # http_reply_access.
#
#	acl aclname rep_header header-name [-i] any\.regex\.here
#	  # regex match against any of the known reply headers. May be
#	  # thought of as a superset of "browser", "referer" and "mime-type"
#	  # ACLs.
#
#	acl aclname external class_name [arguments...]
#	  # external ACL lookup via a helper class defined by the
#	  # external_acl_type directive.
#
#	acl aclname user_cert attribute values...
#	  # match against attributes in a user SSL certificate
#	  # attribute is one of DN/C/O/CN/L/ST
#
#	acl aclname ca_cert attribute values...
#	  # match against attributes a users issuing CA SSL certificate
#	  # attribute is one of DN/C/O/CN/L/ST
#
#	acl aclname ext_user username ...
#	acl aclname ext_user_regex [-i] pattern ...
#	  # string match on username returned by external acl helper
#	  # use REQUIRED to accept any non-null user name.
#
#Examples:
#acl macaddress arp 09:00:2b:23:45:67
#acl myexample dst_as 1241
#acl password proxy_auth REQUIRED
#acl fileupload req_mime_type -i ^multipart/form-data$
#acl javascript rep_mime_type -i ^application/x-javascript$
#
#Default:
#acl all proxy_auth REQUIRED
#acl all_time time MTWHFAS 16:00-23:00
#
#Recommended minimum configuration:
#acl users proxy_auth REQUIRED
#acl users_time time MTWHFAS 18:00-20:00
#http_access allow users



acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

#  TAG: http_access
http_access allow _sams_default  _sams_default_time  
http_access allow _sams_48f2a0c01a7e7  _sams_48f2a0c01a7e7_time  
http_access allow _sams_493f2935ab11e  _sams_493f2935ab11e_time  
http_access allow _sams_4942350be59b2  _sams_4942350be59b2_time  

#	Allowing or Denying access based on defined access lists
#
#	Access to the HTTP port:
#	http_access allow|deny [!]aclname ...
#
#	NOTE on default values:
#
#	If there are no "access" lines present, the default is to deny
#	the request.
#
#	If none of the "access" lines cause a match, the default is the
#	opposite of the last line in the list.  If the last line was
#	deny, the default is allow.  Conversely, if the last line
#	is allow, the default will be deny.  For these reasons, it is a
#	good idea to have an "deny all" or "allow all" entry at the end
#	of your access lists to avoid potential confusion.
#
#Default:
# http_access deny all
#
#Recommended minimum configuration:
#
# Only allow cachemgr access from localhost

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all

#  TAG: icp_access
#	Allowing or Denying access to the ICP port based on defined
#	access lists
#
#	icp_access  allow|deny [!]aclname ...
#
#	See http_access for details
#
#Default:
# icp_access deny all
#
#Allow ICP queries from local networks only

icp_access deny all



# NETWORK OPTIONS
# -----------------------------------------------------------------------------

#  TAG: http_port
#	Usage:	port [options]
#		hostname:port [options]
#		1.2.3.4:port [options]
#
#	The socket addresses where Squid will listen for HTTP client
#	requests.  You may specify multiple socket addresses.
#	There are three forms: port alone, hostname with port, and
#	IP address with port.  If you specify a hostname or IP
#	address, Squid binds the socket to that specific
#	address.  This replaces the old 'tcp_incoming_address'
#	option.  Most likely, you do not need to bind to a specific
#	address, so you can use the port number alone.
#
#	If you are running Squid in accelerator mode, you
#	probably want to listen on port 80 also, or instead.
#
#	The -a command line option may be used to specify additional
#	port(s) where Squid listens for proxy request. Such ports will
#	be plain proxy ports with no options.
#
#	You may specify multiple socket addresses on multiple lines.
#
#	Options:
#
#	   transparent	Support for transparent interception of
#			outgoing requests without browser settings.
#			NP: disables authentication on the port.
#
#	   tproxy	Support Linux TPROXY for spoofing outgoing
#			connections using the client IP address.
#			NP: disables authentication on the port.
#
#	   accel	Accelerator mode. Also needs at least one of
#			vhost / vport / defaultsite.
#
#	   defaultsite=domainname
#			What to use for the Host: header if it is not present
#			in a request. Determines what site (not origin server)
#			accelerators should consider the default.
#			Implies accel.
#
#	   vhost	Accelerator mode using Host header for virtual
#			domain support. Implies accel.
#
#	   vport	Accelerator with IP based virtual host support.
#			Implies accel.
#
#	   vport=NN	As above, but uses specified port number rather
#			than the http_port number. Implies accel.
#
#	   protocol=	Protocol to reconstruct accelerated requests with.
#			Defaults to http.
#
#	   disable-pmtu-discovery=
#			Control Path-MTU discovery usage:
#			    off		lets OS decide on what to do (default).
#			    transparent	disable PMTU discovery when transparent
#					support is enabled.
#			    always	disable always PMTU discovery.
#
#			In many setups of transparently intercepting proxies
#			Path-MTU discovery can not work on traffic towards the
#			clients. This is the case when the intercepting device
#			does not fully track connections and fails to forward
#			ICMP must fragment messages to the cache server. If you
#			have such setup and experience that certain clients
#			sporadically hang or never complete requests set
#			disable-pmtu-discovery option to 'transparent'.
#
#	   name=	Specifies a internal name for the port. Defaults to
#			the port specification (port or addr:port)
#
#	If you run Squid on a dual-homed machine with an internal
#	and an external interface we recommend you to specify the
#	internal address:port in http_port. This way Squid will only be
#	visible on the internal address.
#
# Squid normally listens to port 3128
http_port 3128

#  TAG: https_port
# Note: This option is only available if Squid is rebuilt with the
#       --enable-ssl option
#
#	Usage:  [ip:]port cert=certificate.pem [key=key.pem] [options...]
#
#	The socket address where Squid will listen for HTTPS client
#	requests.
#
#	This is really only useful for situations where you are running
#	squid in accelerator mode and you want to do the SSL work at the
#	accelerator level.
#
#	You may specify multiple socket addresses on multiple lines,
#	each with their own SSL certificate and/or options.
#
#	Options:
#
#	   accel	Accelerator mode. Also needs at least one of
#			defaultsite or vhost.
#
#	   defaultsite=	The name of the https site presented on
#	   		this port. Implies accel.
#
#	   vhost	Accelerator mode using Host header for virtual
#			domain support. Requires a wildcard certificate
#			or other certificate valid for more than one domain.
#			Implies accel.
#
#	   protocol=	Protocol to reconstruct accelerated requests with.
#			Defaults to https.
#
#	   cert=	Path to SSL certificate (PEM format).
#
#	   key=		Path to SSL private key file (PEM format)
#			if not specified, the certificate file is
#			assumed to be a combined certificate and
#			key file.
#
#	   version=	The version of SSL/TLS supported
#			    1	automatic (default)
#			    2	SSLv2 only
#			    3	SSLv3 only
#			    4	TLSv1 only
#
#	   cipher=	Colon separated list of supported ciphers.
#
#	   options=	Various SSL engine options. The most important
#			being:
#			    NO_SSLv2  Disallow the use of SSLv2
#			    NO_SSLv3  Disallow the use of SSLv3
#			    NO_TLSv1  Disallow the use of TLSv1
#			    SINGLE_DH_USE Always create a new key when using
#				      temporary/ephemeral DH key exchanges
#			See src/ssl_support.c or OpenSSL SSL_CTX_set_options
#			documentation for a complete list of options.
#
#	   clientca=	File containing the list of CAs to use when
#			requesting a client certificate.
#
#	   cafile=	File containing additional CA certificates to
#			use when verifying client certificates. If unset
#			clientca will be used.
#
#	   capath=	Directory containing additional CA certificates
#			and CRL lists to use when verifying client certificates.
#
#	   crlfile=	File of additional CRL lists to use when verifying
#			the client certificate, in addition to CRLs stored in
#			the capath. Implies VERIFY_CRL flag below.
#
#	   dhparams=	File containing DH parameters for temporary/ephemeral
#			DH key exchanges.
#
#	   sslflags=	Various flags modifying the use of SSL:
#			    DELAYED_AUTH
#				Don't request client certificates
#				immediately, but wait until acl processing
#				requires a certificate (not yet implemented).
#			    NO_DEFAULT_CA
#				Don't use the default CA lists built in
#				to OpenSSL.
#			    NO_SESSION_REUSE
#				Don't allow for session reuse. Each connection
#				will result in a new SSL session.
#			    VERIFY_CRL
#				Verify CRL lists when accepting client
#				certificates.
#			    VERIFY_CRL_ALL
#				Verify CRL lists for all certificates in the
#				client certificate chain.
#
#	   sslcontext=	SSL session ID context identifier.
#
#	   vport	Accelerator with IP based virtual host support.
#
#	   vport=NN	As above, but uses specified port number rather
#			than the https_port number. Implies accel.
#
#	   name=	Specifies a internal name for the port. Defaults to
#			the port specification (port or addr:port)
#
#
#Default:
# none

# Physical memory / 3
cache_mem 512 MB
# Max out Squid I/O perfomance, 15 GB cache and use Squid special diskd
# but you need to recompile the kernel
# To use disk you need to --enable-storeio=diskd,ufs
# Reasonable values for Q1 and Q2 are 72 and 64, respectively.
# Q1 value must bigger Q2
#cache_dir diskd /usr/local/squid/cache 15360 16 256 Q1=72 Q2=64
cache_dir ufs /usr/local/squid/cache 15360 16 256


cache_replacement_policy GDSF

# Avoid caching cgi scripts
acl QUERY urlpath_regex cgi-bin
no_cache deny QUERY

# I dont want to log anything
# The reason is to save some expensive I/O operation.
cache_access_log /usr/local/squid/logs/access.log
cache_store_log none
cache_log /usr/local/squid/logs/cache.log
logfile_rotate 10

#  TAG: url_rewrite_program
#       Specify the location of the executable for the URL rewriter.
#       Since they can perform almost any function there isn't one included.
url_rewrite_program /usr/local/rejik/redirector /usr/local/rejik/redirector.conf

Post by Bormental » 2009-01-20 11:34:13

Your config, only I closed the ports before the allow rules. SSL ports work strangely in Squid; for me personally it showed up as CPU load of around 90%.

Code:

http_port 3128

cache_mem 512 MB
cache_dir ufs /usr/local/squid/cache 15360 16 256

cache_replacement_policy GDSF
acl QUERY urlpath_regex cgi-bin
no_cache deny QUERY
cache_access_log /usr/local/squid/logs/access.log
cache_store_log none
cache_log /usr/local/squid/logs/cache.log
logfile_rotate 10
url_rewrite_program /usr/local/rejik/redirector /usr/local/rejik/redirector.conf

auth_param basic program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param basic children 10

auth_param basic program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 10
auth_param basic realm ELITEAUTOCOMPANY
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off


acl _sams_default proxy_auth "/usr/local/etc/squid/default.sams" 
acl _sams_default_time time MTWHFAS 00:00-23:59
acl _sams_48f2a0c01a7e7 proxy_auth "/usr/local/etc/squid/48f2a0c01a7e7.sams" 
acl _sams_48f2a0c01a7e7_time time MTWHFAS 00:00-23:59
acl _sams_493f2935ab11e proxy_auth "/usr/local/etc/squid/493f2935ab11e.sams" 
acl _sams_493f2935ab11e_time time MTWHFAS 08:00-18:00
acl _sams_4942350be59b2 proxy_auth "/usr/local/etc/squid/4942350be59b2.sams" 
acl _sams_4942350be59b2_time time MTWHFAS 18:00-23:59

acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

# this has to come before the allow rules
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow _sams_default  _sams_default_time  
http_access allow _sams_48f2a0c01a7e7  _sams_48f2a0c01a7e7_time  
http_access allow _sams_493f2935ab11e  _sams_493f2935ab11e_time  
http_access allow _sams_4942350be59b2  _sams_4942350be59b2_time  

http_access deny all

icp_access deny all
:evil:
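
Why the reordering in the config above matters, as an added example that is not part of the original post: Squid checks `http_access` lines top to bottom and the first matching line decides, so moving the port checks above the allow rules changes the verdict for an authenticated user. The user `alice`, the contents of `default.sams` and the sample requests are constructed, and the `all` ACL is assumed to be built in or defined elsewhere.

```python
# ACL lines taken from the thread's squid.conf (one SAMS group, ports on one line).
ACLS = """
acl _sams_default proxy_auth "/usr/local/etc/squid/default.sams"
acl _sams_default_time time MTWHFAS 00:00-23:59
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535 280 488 591 777
acl CONNECT method CONNECT
"""

# Order in the first posted config: allow rules come before the port checks.
ORIGINAL = """
http_access allow _sams_default _sams_default_time
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
"""

# Order in the reply: port checks come before the allow rules.
REORDERED = """
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow _sams_default _sams_default_time
http_access deny all
"""

# Constructed stand-in for the contents of default.sams (not shown in the thread).
SAMS_USERS = {"/usr/local/etc/squid/default.sams": {"alice"}}


def parse_acls(text):
    """Return {name: [(type, args), ...]}; lines sharing a name are OR-ed."""
    acls = {}
    for line in text.splitlines():
        parts = line.split("#")[0].split()
        if len(parts) >= 4 and parts[0] == "acl":
            acls.setdefault(parts[1], []).append((parts[2], parts[3:]))
    return acls


def acl_matches(name, acls, req):
    """True if any value of the named ACL matches (time: only hh:mm window, not days)."""
    if name == "all":  # assumption: 'all' is built in (Squid 3+) or defined elsewhere
        return True
    for kind, args in acls[name]:
        if kind == "port":
            for a in args:
                lo, _, hi = a.partition("-")
                if int(lo) <= req["port"] <= int(hi or lo):
                    return True
        elif kind == "method" and req["method"] in args:
            return True
        elif kind == "proxy_auth" and req["user"] in SAMS_USERS.get(args[0].strip('"'), set()):
            return True
        elif kind == "time":
            start, end = args[-1].split("-")
            if start <= req["time"] <= end:
                return True
    return False


def http_access(rules, acls, req):
    """First matching line decides; every ACL on a line must match (AND)."""
    last = "allow"  # with no lines at all, Squid denies
    for line in rules.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] != "http_access":
            continue
        last, names = parts[1], parts[2:]
        if all(acl_matches(n.lstrip("!"), acls, req) != n.startswith("!")
               for n in names):
            return last
    return "deny" if last == "allow" else "allow"  # opposite of the last line


if __name__ == "__main__":
    acls = parse_acls(ACLS)
    samples = [("GET", 80), ("CONNECT", 443), ("CONNECT", 25), ("CONNECT", 8080)]
    for method, port in samples:  # constructed requests from an authenticated user
        req = {"user": "alice", "method": method, "port": port, "time": "12:00"}
        print(method, port, http_access(ORIGINAL, acls, req), http_access(REORDERED, acls, req))
```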


Post by InventoR » 2009-01-20 13:46:17

Why on earth do you need such a huge cache_mem???
Reduce it to 128 MB or 64 and that will do; your usage is not that intensive anyway.
As for this option, it has been said many times already: take it and multiply by two, and it turns out Squid will eat around 1024.
So set 64, and over time it will be around 128, and I think that will be enough for you.

Post by Bormental » 2009-01-20 16:29:20

InventoR wrote: Why on earth do you need such a huge cache_mem???
Reduce it to 128 MB or 64 and that will do; your usage is not that intensive anyway.
As for this option, it has been said many times already: take it and multiply by two, and it turns out Squid will eat around 1024.
So set 64, and over time it will be around 128, and I think that will be enough for you.

Yes, by the way, I somehow didn't pay attention to that; on a proxy with 2 GB of RAM I set 256 ))