IT技术博客大学习 共学习 共进步
首页 / Apache

Squid 透明代理优化

LinuxByte 2011-03-02 22:58:53 累计浏览 3,488 次
标签 Squid 透明代理

    主要记录下用Squid 做正向代理(透明代理)时的优化设置,一切尚在调试中所以下面的优化方式都是正确的。

    内核调整

     /etc/sysctl.conf 下面添加

net.ipv4.netfilter.ip_conntrack_tcp_timeout_established =900
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.conf.all.proxy_arp = 1
net.ipv4.tcp_synack_retries = 3
net.ipv4.ip_conntrack_max = 81920
net.ipv4.tcp_fin_timeout = 5
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 5000

    使设置生效

 /sbin/sysctl -p

    文件系统设置

     将squid缓存放入独立的文件系统中,文件系统格式建议用Reiserfs,挂载时使用’noatime’参数提高IO性能。

LABEL=/squid             /squid               reiserfs    defaults,noatime     0 0

    squid.conf

http_port 192.168.0.254:3128 transparent
cache_mgr hew@linuxbyte.org
cache_mem 512 MB
cache_dir ufs /squid/squid 51200 12 256
maximum_object_size_in_memory 128 KB
maximum_object_size 64 MB
 
#cache_access_log /var/log/squid/access.log squid
cache_access_log none
cache_log none
cache_store_log none
#logfile_rotate 4
 
max_filedesc 6144
pipeline_prefetch on
memory_pools off
memory_pools_limit none
mime_table /etc/squid/mime.conf
 
refresh_pattern -i \\.css$ 1440 50% 129600 reload-into-ims
refresh_pattern -i \\.xml$ 1440 50% 129600 reload-into-ims
refresh_pattern -i \\.htm$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \\.html$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \\.shtml$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \\.png$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \\.jpg$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \\.jpeg$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \\.gif$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \\.bmp$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \\.js$ 1440 90% 129600 reload-into-ims
 
refresh_pattern -i \\.mp3$ 1440 50% 2880 ignore-reload
refresh_pattern -i \\.wmv$ 1440 50% 2880 ignore-reload
refresh_pattern -i \\.rm$ 1440 50% 2880 ignore-reload
refresh_pattern -i \\.swf$ 1440 50% 2880 ignore-reload
refresh_pattern -i \\.mpeg$ 1440 50% 2880 ignore-reload
refresh_pattern -i \\.wma$ 1440 50% 2880 ignore-reload
 
refresh_pattern -i \\.exe$ 1440 50% 2880 ignore-reload
refresh_pattern -i \\.rar$ 1440 50% 2880 ignore-reload
refresh_pattern -i \\.zip$ 1440 50% 2880 ignore-reload
refresh_pattern -i \\.gz$ 1440 50% 2880 ignore-reload
refresh_pattern -i \\.bz2$ 1440 50% 2880 ignore-reload
refresh_pattern -i \\.7z$ 1440 50% 2880 ignore-reload
 
client_lifetime 1 hours
half_closed_clients off
visible_hostname proxy.linuxbyte.org
 
cache_effective_user squid
cache_effective_group squid
 
cache_swap_low 75
cache_swap_high 95
 
dns_nameservers 192.168.0.254
 
acl QUERY urlpath_regex -i cgi-bin \\?
cache deny QUERY
 
acl all src 0.0.0.0/0
acl localnet src 192.168.0.0/24
http_access allow localnet
http_access deny all

建议继续学习

  1. 使用Squid缓存视频 (累计阅读 10,244)
  2. 系统架构的一些思考 (累计阅读 6,684)
  3. [调优] Squid 不同版本的性能对比 (累计阅读 5,464)
  4. Squid 限制用户并发连接数 (累计阅读 5,107)
  5. [squid] 过期时间在 60 秒内 squid 不 Cache 的问题 (累计阅读 4,864)
  6. squid缓存失效之谜:一步步提高squid缓存命中率办法记录 (累计阅读 4,825)
  7. 加速WEB访问:使用DNSmasq与squid代理并过滤广告 (累计阅读 4,427)
  8. [Squid] TCP_MEM_HIT 和 TCP_HIT 的性能到底相差多远 (累计阅读 4,365)
  9. squid对源网站进行限速 (累计阅读 3,927)
  10. Cache 文件是否存在的查询 (累计阅读 3,464)