Squid 需要很长时间才能获得 HTTP 请求的响应,从未命中邻居缓存

tag-icon tag-icon linux cache squid
Squid 需要很长时间才能获得 HTTP 请求的响应,从未命中邻居缓存

我正在尝试按照以下步骤在兄弟模型中安装 Squid这些说明。但是当客户端执行 HTTP 请求时,需要很长时间才能从服务器获得响应。

系统模型:

+---------+          +----------+
|         |  sibling |          |
| Squid 1 +----------+ Squid 2  |
|         |    Net   |          |
+----^----+          +-----^----+
     |                     |
     |                     |
+----+----+          +-----+----+
| Net 1   |          |   Net 2  |
|         |          |          |
+---------+          +----------+

我使用以下选项运行了 squid:

$ sbin/squid -v
--enable-cache-digests \
--enable-htcp \
--enable-icmp \
--enable-async-io

squid.conf文件:

acl localnet src 192.168.1.0/24 # LAN net
acl peernet src 192.168.55.0/24 # peer net
acl localhost src 127.0.0.1/32

acl SSL_ports port 443
acl Safe_ports port 80      # http
acl Safe_ports port 443     # https
acl CONNECT method CONNECT

#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
miss_access allow all

http_access allow localnet
http_access allow peernet
http_access allow localhost

# And finally deny all other access to this proxy
http_access deny all

# Squid normally listens to port 3128
http_port 3129
http_port 3128 intercept

# Uncomment and adjust the following to add a disk cache directory.
cache_dir aufs /usr/local/squid/var/cache/squid 100 16 256

# Leave coredumps in the first cache dir
coredump_dir /usr/local/squid/var/cache/squid
cache_effective_user proxy
cache_replacement_policy heap GDSF
digest_generation on

htcp_port 4827
htcp_access allow peernet

cache_peer 192.168.55.2 sibling 3128 4827 htcp
cache_peer_access 192.168.55.2 allow
#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp:       1440    20% 10080
refresh_pattern ^gopher:    1440    0%  1440
refresh_pattern -i (/cgi-bin/|\?) 0 0%  0
refresh_pattern .       0   20% 4320

我使用选项执行了 squid -Nd1,这是 cache.log。

2016/04/02 20:38:06| Set Current Directory to /usr/local/squid/var/cache/squid
2016/04/02 20:38:06| Starting Squid Cache version 3.5.12 for x86_64-unknown-linux-gnu...
2016/04/02 20:38:06| Service Name: squid
2016/04/02 20:38:06| Process ID 3077
2016/04/02 20:38:06| Process Roles: master worker
2016/04/02 20:38:06| With 65536 file descriptors available
2016/04/02 20:38:06| Initializing IP Cache...
2016/04/02 20:38:06| DNS Socket created at [::], FD 8
2016/04/02 20:38:06| DNS Socket created at 0.0.0.0, FD 9
2016/04/02 20:38:06| Adding nameserver 10.0.4.3 from /etc/resolv.conf
2016/04/02 20:38:06| Logfile: opening log daemon:/usr/local/squid/var/logs/access.log
2016/04/02 20:38:06| Logfile Daemon: opening log /usr/local/squid/var/logs/access.log
2016/04/02 20:38:06| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2016/04/02 20:38:06| Store logging disabled
2016/04/02 20:38:06| Swap maxSize 102400 + 262144 KB, estimated 28041 objects
2016/04/02 20:38:06| Target number of buckets: 1402
2016/04/02 20:38:06| Using 8192 Store buckets
2016/04/02 20:38:06| Max Mem  size: 262144 KB
2016/04/02 20:38:06| Max Swap size: 102400 KB
2016/04/02 20:38:06| Rebuilding storage in /usr/local/squid/var/cache/squid (clean log)
2016/04/02 20:38:06| Using Least Load store dir selection
2016/04/02 20:38:06| Set Current Directory to /usr/local/squid/var/cache/squid
2016/04/02 20:38:06| Finished loading MIME types and icons.
2016/04/02 20:38:06| Pinger socket opened on FD 18
2016/04/02 20:38:06| Configuring Sibling 192.168.55.2/3128/4827
2016/04/02 20:38:06| Squid plugin modules loaded: 0
2016/04/02 20:38:06| Adaptation support is off.
2016/04/02 20:38:06| Accepting HTTP Socket connections at local=[::]:3129 remote=[::] FD 14 flags=9
2016/04/02 20:38:06| Accepting NAT intercepted HTTP Socket connections at local=[::]:3128 remote=[::] FD 15 flags=41
2016/04/02 20:38:06| Accepting HTCP messages on [::]:4827
2016/04/02 20:38:06| Sending HTCP messages from [::]:4827
2016/04/02 20:38:06| pinger: Initialising ICMP pinger ...
2016/04/02 20:38:06|  icmp_sock: (1) Operation not permitted
2016/04/02 20:38:06| pinger: Unable to start ICMP pinger.
2016/04/02 20:38:06|  icmp_sock: (1) Operation not permitted
2016/04/02 20:38:06| pinger: Unable to start ICMPv6 pinger.
2016/04/02 20:38:06| FATAL: pinger: Unable to open any ICMP sockets.
2016/04/02 20:38:06| Done reading /usr/local/squid/var/cache/squid swaplog (2857 entries)
2016/04/02 20:38:06| Finished rebuilding storage from disk.
2016/04/02 20:38:06|      2857 Entries scanned
2016/04/02 20:38:06|         0 Invalid entries.
2016/04/02 20:38:06|         0 With invalid flags.
2016/04/02 20:38:06|      2857 Objects loaded.
2016/04/02 20:38:06|         0 Objects expired.
2016/04/02 20:38:06|         0 Objects cancelled.
2016/04/02 20:38:06|         0 Duplicate URLs purged.
2016/04/02 20:38:06|         0 Swapfile clashes avoided.
2016/04/02 20:38:06|   Took 0.04 seconds (74196.23 objects/sec).
2016/04/02 20:38:06| Beginning Validation Procedure
2016/04/02 20:38:06|   Completed Validation Procedure
2016/04/02 20:38:06|   Validated 2857 Entries
2016/04/02 20:38:06|   store_swap_size = 91872.00 KB
2016/04/02 20:38:07| storeLateRelease: released 0 objects

access.log浏览 stackoverflow.com 时的文件:

1459597205.479  37432 192.168.1.2 TCP_MISS/200 41999 GET http://stackoverflow.com/ - ORIGINAL_DST/104.16.34.249 text/html
1459597210.495      0 192.168.55.2 TCP_DENIED/403 4046 GET http://192.168.55.1:3128/squid-internal-dynamic/netdb - HIER_NONE/- text/html
1459597240.228  35029 192.168.1.2 TCP_MISS/200 1729 GET http://cdn.sstatic.net/Sites/stackoverflow/img/favicon.ico? - ORIGINAL_DST/104.16.106.204 image/x-icon
1459597240.235  35036 192.168.1.2 TCP_MISS/200 13373 GET http://cdn.sstatic.net/Js/stub.en.js? - ORIGINAL_DST/104.16.106.204 application/javascript
1459597240.252  35053 192.168.1.2 TCP_MISS/200 86771 GET http://cdn.sstatic.net/Sites/stackoverflow/all.css? - ORIGINAL_DST/104.16.106.204 text/css
1459597245.368  40159 192.168.1.2 TCP_MISS/200 33742 GET http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js - ORIGINAL_DST/216.58.221.234 text/javascript
1459597245.644      9 192.168.1.2 TCP_MISS/200 3089 GET http://cdn.sstatic.net/Sites/stackoverflow/img/sprites.svg? - ORIGINAL_DST/104.16.106.204 image/svg+xml
1459597245.648     13 192.168.1.2 TCP_MISS/200 10060 GET http://cdn.sstatic.net/img/share-sprite-new.svg? - ORIGINAL_DST/104.16.106.204 image/svg+xml
1459597245.663     20 192.168.1.2 TCP_MISS/200 58777 GET http://cdn.sstatic.net/img/favicons-sprite16.png? - ORIGINAL_DST/104.16.106.204 image/png
1459597245.682     11 192.168.1.2 TCP_MISS/200 36085 GET http://cdn.sstatic.net/Js/full-anon.en.js? - ORIGINAL_DST/104.16.106.204 application/javascript
1459597246.094     65 192.168.1.2 TCP_MISS/200 1053 GET http://cdn.sstatic.net/Js/unikong/unikong.js? - ORIGINAL_DST/104.16.106.204 application/javascript
1459597246.122     18 192.168.1.2 TCP_MISS/200 854 GET http://cdn.sstatic.net/shared/unikong.css? - ORIGINAL_DST/104.16.106.204 text/css
1459597246.224      8 192.168.1.2 TCP_MISS/200 15691 GET http://cdn.sstatic.net/img/unikong/banner.png? - ORIGINAL_DST/104.16.106.204 image/png
1459597246.553    522 192.168.1.2 TCP_MISS/204 367 POST http://stackoverflow.com/gps/event - ORIGINAL_DST/104.16.34.249 -
1459597285.276  39900 192.168.1.2 TCP_MISS/200 1476 GET https://i.stack.imgur.com/sawHl.png - ORIGINAL_DST/104.16.110.18 image/png
1459597285.276  39901 192.168.1.2 TCP_MISS/200 957 GET https://i.stack.imgur.com/WVlkK.png - ORIGINAL_DST/104.16.110.18 image/png
1459597285.277  39901 192.168.1.2 TCP_MISS/200 918 GET https://i.stack.imgur.com/tKsDb.png - ORIGINAL_DST/104.16.110.18 image/png
1459597285.278  39903 192.168.1.2 TCP_MISS/200 4172 GET https://i.stack.imgur.com/vobok.png - ORIGINAL_DST/104.16.110.18 image/png
1459597285.279  39903 192.168.1.2 TCP_MISS/200 1683 GET https://i.stack.imgur.com/xqoqk.png - ORIGINAL_DST/104.16.110.18 image/png
1459597285.308     31 192.168.1.2 TCP_MISS/200 1001 GET https://i.stack.imgur.com/PVepA.png - ORIGINAL_DST/104.16.110.18 image/png
1459597285.308     31 192.168.1.2 TCP_MISS/200 4172 GET https://i.stack.imgur.com/2NOCA.png - ORIGINAL_DST/104.16.110.18 image/png
1459597285.471  40093 192.168.1.2 TCP_MISS/200 4323 GET https://i.stack.imgur.com/EdUwb.png - ORIGINAL_DST/104.16.110.18 image/png
1459597388.905   1855 192.168.1.2 TAG_NONE_ABORTED/000 0 POST http://clients1.google.com/ocsp - HIER_NONE/- -
1459597413.092   1792 192.168.1.2 TAG_NONE_ABORTED/000 0 POST http://ocsp.digicert.com/ - HIER_NONE/- -

你可以看到,完全加载花了 37 秒,我无法解释。

相关内容