Its been a few days that I did some tweaking on Squid Proxy and it appears stable! This all came about as I was trying to speed-up data fetching and finding that for some reason the cache was just too slow for actual use. I wondered if it was at all worth it (obviously slow proxy means unhappy users ... especially if its your home users).
In gratitude to the discussion I found in the forum, its reposted and message re-arranged here in summary below:
Question:
Why squid is so slow?
Answer:
The default configuration of pfSense is a router not as a server, that is why kern.ipc.nmbclusters="0". Simply remove this line and Squid will be just fine.
Add the lines below to the /boot/loader.conf
kern.ipc.nmbclusters=32768
kern.maxfiles=65536
kern.maxfilesperproc=32768
net.inet.ip.portrange.last=65535
Alternatively, just delete it and replace with:
autoboot_delay="1"
#kern.ipc.nmbclusters="0"
hint.apic.0.disabled=1
kern.hz=100
#for squid
kern.ipc.nmbclusters="32768"
kern.maxfiles="65536"
kern.maxfilesperproc="32768"
net.inet.ip.portrange.last="65535"
were can i find my loader.conf..if i use virtual machine to install pfsense..sense squid is built in pfsense...
ReplyDeleteThanks!
ReplyDeleteI applied these tweaks to my pfsense and noticed an increase in speed all around. Most importantly this greatly improved the performance of squid.
That default setting may be a left over from Monowall which is optimized for embedded boxes with low memory etc. You should bring this to the attention of the pf developers.
Regards,
Sam
Thanks a lot man, this tip works great!!!
ReplyDeleteRegards from Uruguay
Adis
thx!
ReplyDeleteRegards from Portugal