[FUG-BR] Ajuda com squid

Fabiano Carlos Heringer bigu em grupoheringer.com.br
Sábado Outubro 16 09:14:04 BRT 2010 

  Pessoal, estou tendo problemas serissimos no meu Freebsd quando starto 
o squid.

A navegacao fica extremamente lenta, e os pings para o gateway onde esta 
o squid, ficam oscilando..chega a 300ms, até perder pacotes.

A maquina é um Core2Duo 2GB de RAM, HD 500GB SATA, O freebsd é

gateway# uname -a
FreeBSD gateway.xxxx 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Fri Oct 15 
08:58:33 BRT 2010     root em gateway.xxxx:/usr/obj/usr/src/sys/HERINGER  i386

Ja tentei varios tipos de configuracoes no squid, mas nada resolve...ja 
troquei até de maquina, placa de rede, reinstalei freebsd. Ja removi o 
squidguard, troquei tipo de filesystem, restartei o cache, instalei o 
squid 3.x, mudei os parametros de cache_replacement (voltei para o 
original) e nada...

meu squid.conf:

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
error_directory /usr/local/etc/squid/errors/Portuguese
#logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st 
"%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
logformat combined %>a %mt
logfile_rotate 4
visible_hostname gateway.grupoheringer.com.br
request_body_max_size 2 MB
url_rewrite_program /usr/local/bin/squidGuard -c 
/usr/local/etc/squid/squidGuard.conf
url_rewrite_children 15
url_rewrite_host_header off
dns_nameservers 10.0.0.2
dns_nameservers 10.0.0.3
dns_nameservers 10.0.0.4

ipcache_size 1024
ipcache_low 90
ipcache_high 95

cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_mem 1024 MB
maximum_object_size 100000 KB
minimum_object_size 4 KB
maximum_object_size_in_memory 128 KB
cache_dir aufs /usr/local/squid/cache 10000 32 256
#cache_dir diskd /squid/cache 10000 32 512 Q1=72 Q2=64
half_closed_clients off
server_persistent_connections off
client_persistent_connections off
memory_pools off
buffered_logs on
pipeline_prefetch on


### O restante sao so regras de bloqueio

gateway# netstat -m
407/1393/1800 mbufs in use (current/cache/total)
402/1164/1566/25600 mbuf clusters in use (current/cache/total/max)
401/1007 mbuf+clusters out of packet secondary zone in use (current/cache)
3/101/104/12800 4k (page size) jumbo clusters in use 
(current/cache/total/max)
0/0/0/6400 9k jumbo clusters in use (current/cache/total/max)
0/0/0/3200 16k jumbo clusters in use (current/cache/total/max)
917K/3080K/3998K bytes allocated to network (current/cache/total)
0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters)
0/0/0 requests for jumbo clusters denied (4k/9k/16k)
0/5/6656 sfbufs in use (current/peak/max)
0 requests for sfbufs denied
0 requests for sfbufs delayed
0 requests for I/O initiated by sendfile
0 calls to protocol drain routines

Quando redirecionado para o squid via PF, olhem como ficam os pings para 
uma rede dentro da rede local.

Ao desabilitar o squid, tudo volta ao normal.

64 bytes from 10.0.0.2: icmp_seq=114 ttl=128 time=0.359 ms
64 bytes from 10.0.0.2: icmp_seq=115 ttl=128 time=0.354 ms
64 bytes from 10.0.0.2: icmp_seq=116 ttl=128 time=0.402 ms
64 bytes from 10.0.0.2: icmp_seq=117 ttl=128 time=0.465 ms
64 bytes from 10.0.0.2: icmp_seq=118 ttl=128 time=104.028 ms
ping: sendto: No buffer space available
64 bytes from 10.0.0.2: icmp_seq=120 ttl=128 time=4.181 ms
ping: sendto: No buffer space available
64 bytes from 10.0.0.2: icmp_seq=122 ttl=128 time=0.330 ms
64 bytes from 10.0.0.2: icmp_seq=123 ttl=128 time=157.064 ms
64 bytes from 10.0.0.2: icmp_seq=124 ttl=128 time=108.539 ms
64 bytes from 10.0.0.2: icmp_seq=125 ttl=128 time=61.842 ms
64 bytes from 10.0.0.2: icmp_seq=126 ttl=128 time=91.489 ms
64 bytes from 10.0.0.2: icmp_seq=127 ttl=128 time=0.351 ms
64 bytes from 10.0.0.2: icmp_seq=128 ttl=128 time=77.771 ms
64 bytes from 10.0.0.2: icmp_seq=129 ttl=128 time=0.395 ms
64 bytes from 10.0.0.2: icmp_seq=130 ttl=128 time=4.056 ms

Alguma ideia?

Obrigado

Mais detalhes sobre a lista de discussão freebsd