<html class="apple-mail-supports-explicit-dark-mode"><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto">Is it rock cache and how many workers are you using ? <div dir="ltr">Sent from my iPhone</div><div dir="ltr"> <blockquote type="cite">On Feb 14, 2026, at 11:45, Brad House <brad@brad-house.com> wrote: </blockquote></div><blockquote type="cite"><div dir="ltr"> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> I've got a squid deployment where serving from cache can be slower than an uncached download. I'm seeing speeds of around 50MB/s when serving from cache, which is much slower than anticipated. Infact, when hitting fast upstream servers, serving of a non-cached asset is faster (even though its still hitting squid to fetch it). I'm thinking there's got to be something wrong with my squid configuration, I'm currently running on Rocky Linux 10 with Squid 6.10-6. The VM I'm using currently has 4 cores, 16G RAM and 100G of usable space. I used fio to measure disk performance and I got <ul data-list-tree="true" data-indent="1" data-border="0" style="margin: 4px 0 4px 24px; padding: 0; list-style-position: outside"> <li style="margin: 2px 0; padding: 0; color: #1d1c1d">Random Write: 3629MiB/s (1MB block), 33.2k (4k block) IOPS</li> <li style="margin: 2px 0; padding: 0; color: #1d1c1d">Random Read: 8391MiB/s (1MB block), 43.5k (4k block) IOPS</li> </ul> Adding more cpu cores or ram doesn't appear to impact performance. The underlying infrastructure is made up of hypervisors with dual 100G uplinks, both the client and squid run on the same hypervisor cloud. Network performance is not the issue. As a test, I spun up Apache Traffic Server and get over 800MB/s when serving from cache. We have a large on site build system that spins up runners for GitHub actions, and they're constantly fetching large assets from the internet for each build, hence our desire for a caching proxy. We'd rather not switch to Apache Traffic Server as that doesn't have SSL bump capability (we haven't yet enabled that capability in squid, however). Hopefully there's a simple configuration I'm missing. Just for testing I was pulling large image via http that is below my max object size: <a class="moz-txt-link-freetext" href="http://mirrors.edge.kernel.org/ubuntu-releases/20.04.6/ubuntu-20.04.6-live-server-amd64.iso">http://mirrors.edge.kernel.org/ubuntu-releases/20.04.6/ubuntu-20.04.6-live-server-amd64.iso</a> Configuration below: acl public src 0.0.0.0/0 acl SSL_ports port 443 acl Safe_ports port 80 acl Safe_ports port 443 http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost manager http_access deny manager http_access allow public http_access deny to_localhost http_access deny to_linklocal http_access deny all http_port 8080 maximum_object_size 2 GB cache_dir aufs /var/spool/squid 325632 16 256 cache_mem 1000 MB maximum_object_size_in_memory 102400 KB coredump_dir /var/spool/squid refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern deb$ 129600 100% 129600 refresh_pattern udeb$ 129600 100% 129600 refresh_pattern tar.gz$ 129600 100% 129600 refresh_pattern tar.xz$ 129600 100% 129600 refresh_pattern tar.bz2$ 129600 100% 129600 refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims refresh_pattern \/InRelease$ 0 0% 0 refresh-ims refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims refresh_pattern changelogs.ubuntu.com\/.* 0 1% 1 Thanks! -Brad _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org https://lists.squid-cache.org/listinfo/squid-users </div></blockquote></body></html>