[tproxy] squid+tproxy working with slow connection rate (plaintext)

Balazs Scheidler bazsi at balabit.hu
Wed Feb 27 08:50:11 CET 2008


On Tue, 2008-02-26 at 16:01 +0100, Auto wrote:
> I have squid 2.6.STABLE17 with tproxy compiled in, linux kernel (2.6.20.14) is properly patched with tproxy.
> Tproxy is working fine and it's spoofing the IP addresses correctly, but there's a very strange new connection limit.
> When I run squid in transparent mode (without tproxy) I got 400-500 conn/sec with httperf and default parms, but with tproxy option I got about 9 conn/sec.
>  
> Here's the output:
> httperf --client=0/1 --server=192.168.1.1 --port=65432 --uri=/ --send-buffer=4096 --recv-buffer=16384 --num-conns=1 --num-calls=1
> Maximum connect burst length: 0
>  
> Total: connections 1 requests 1 replies 1 test-duration 0.110 s
>  
> Connection rate: 9.1 conn/s (110.2 ms/conn, <=1 concurrent connections)
> Connection time [ms]: min 110.2 avg 110.2 max 110.2 median 110.5 stddev 0.0
> Connection time [ms]: connect 1.8
> Connection length [replies/conn]: 1.000
>  
> Even on localhost when I get about 4000 conn/sec I got only 9 with tproxy option.
> Is there something that limits the number of new connections and delays SYN?

Strange, we are using tproxy with much higher connection rates. Which
tproxy version are you using? 4.0, 4.1 or 2.0?

Are you sure the packets are not routed differently if IP addresses are
different?

110msec for a connection establishment on the local network seems very
high to me. Can you show a tcpdump of one session to see how the timing
goes?

-- 
Bazsi


