Professional Documents
Culture Documents
Squid Is An Open Source Caching Proxy Server
Squid Is An Open Source Caching Proxy Server
html
/etc/squid/squid.conf
squid is an open source caching proxy server. As a cache proxy server, squid accepts request
data from client and passes it to appropriate Internet server. It keeps a copy of the returned
data, especially hot objects cached in RAM. Squid also caches DNS lookups and supports non-
blocking DNS lookups. Even when a client terminates a request, squid continues to fetch and
complete the requested data. When it receives the same request again from other client, it
just passes the stored data in its cache. This is the basic concept of how squid works,
speeding up the Internet access and saving bandwidth.
Other than http protocol, squid supports FTP, gopher, and HTTP data objects. Squid also
supports other caching protocols too, such as:
A cache proxy server can greatly improve Internet performance and squid cache proxy server
is very fast and well known for high performance caching proxy server in Linux world. A
normal firewall proxy does not store copy of returned data like squid does. Squid cache proxy
server works great with firewall on the upper level and squid in the lower level protecting local
network from each other.
Before setting up a squid cache proxy server, you should consider several things that will
influence the performance of the caching server later. The most important things are server
hardware.
As we already know, squid stores meta data especially hot objects cached in RAM. So having a
big RAM will improve squid performance and overall server performances. However, cpu power
doesn't really effect squid performance.
While keeping all caches in the hard disk, having a fast random-seek-time hard disk would
boost squid performances. A high rpm hard disk is good but the price is higher. You would
better consider adding extra hard disk with fast random-seek-time because having many hard
disk also improve squid performances.
You can check whether squid is already installed by checking squid service with ps command.
To simply grab a running squid service with ps command, add | (pipe) and grep option like the
example below:
So there is no squid process running in our system. Then we can install squid package using
apt-get package management system. Example of squid package installation in Ubuntu using
apt-get:
Squid configuration file is in /etc/squid directory. So change directory to /etc/squid and see
what we have there.
luzar@ubuntu:~$ cd /etc/squid/
luzar@ubuntu:/etc/squid$ ls
squid.conf
luzar@ubuntu:/etc/squid$
We just have one file, squid.conf, which is the main configuration file for squid. For a safety
reason, we will make a copy of squid.conf as a backup before we start editing the file. Here is
a command to copy squid.conf:
Here is a step by step guide on how to configure a basic squid caching proxy server. Open
squid.conf with your favorite text editor. Here is an example using vim editor :
This is an example of squid.conf file when you open it with vim editor:
Go to the line http_port. We are going to set http port for the squid caching proxy server.
You can set port as in example below:
Tips: If you are using vim, in command mode, type /term to search for the term you are
looking for. Pres n to find the next occurrence of the search term. Squid.conf is quite a big file
for you to scroll.
Next, we are going to set cache directory for our squid caching proxy server. The cache_dir is
disabled by default. You can copy that line and add your preferred cache directory size for
your caching proxy server. You can set more than one cache directory if you have many
partitions and named the cache directory as cache1, cache2, cache3, so forth.
#Default:
# cache_dir ufs /var/spool/squid 100 16 256
cache_dir ufs /var/spool/squid/cache1 1000 16 256
The value 100 after cache directory is the size value in MB. Set it according to your need.
Remember that the cache directory must be empty. In the example above, I set it to 1000MB.
The second and third values (16 256) are sub directory first and second tier.
We can set administrator email address in cache_mgr so email can automatically sent to us if
squid dies.
#Default:
# cache_mgr webmaster
cache_mgr webmaster
Another important configuration we need to set is squid log. Squid log can be set in
access_log parameter. This is the default path and file used:
Squid automatically create a default user proxy and a group proxy during the installation.
Enable those names in the cache_effective_user and cache_effective_group in squid.conf
file.
#Default:
# cache_effective_user proxy
cache_effective_user proxy
#Default:
# none
cache_effective_group proxy
#Default:
# ftp_user Squid@
ftp_user Squid@
Now we need to set simple access control (acl) to allow ip address in our local network. Search
for the acl localnet line and add your local area network ip addresses.
That covers all the basic squid configurations. Now we can restart squid service:
This is a guide for Ubuntu dhcp server installation setup. DHCP is a Dynamic Host
Configuration Protocol. By configuring a dhcp server, system administrator won't have to
manually assign static ip address and other information for clients.
A traditional Linux dhcp server called dhcpd. However, a default Ubuntu server Hardy
installation, you can no longer install dhcpd. There is no more dhcpd. Ubuntu Hardy or
Intrepid only has these dhcp client and server packages:
Well, now we have Starting DHCP server dhcpd3 - Fail. Let's see what is the problem:
So we haven't configure the dhcp configuration yet. Ok now let's configure the dhcp
configuration file. The dhcp configuration file is /etc/dhcp3/dhcpd.conf. Below is the default
ubuntu /etc/dhcp3/dhcpd.conf file:
#
# Sample configuration file for ISC dhcpd for Debian
#
# Attention: If /etc/ltsp/dhcpd.conf exists, that will be used as
# configuration file instead of this file.
#
# $Id: dhcpd.conf,v 1.1.1.1 2002/05/21 00:07:44 peloy Exp $
#
default-lease-time 600;
max-lease-time 7200;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;
#host passacaglia {
# hardware ethernet 0:0:c0:5d:bd:95;
# filename "vmunix.passacaglia";
# server-name "toccata.fugue.com";
#}
#shared-network 224-29 {
# subnet 10.17.224.0 netmask 255.255.255.0 {
# option routers rtr-224.example.org;
# }
# subnet 10.0.29.0 netmask 255.255.255.0 {
# option routers rtr-29.example.org;
# }
# pool {
# allow members of "foo";
# range 10.17.224.10 10.17.224.250;
# }
# pool {
# deny members of "foo";
# range 10.0.29.10 10.0.29.230;
# }
#}
Don't do anything to file yet. We need to backup the file in case something wrong happened.
Use Linux cp command to duplicate the file like the example below:
Now you can edit the file with your favorite text editor. Here is an example of a simple
dhcpd.conf configuration for a local network:
# /etc/dhcp3/dhcpd.conf
#
#
ddns-update-style none;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;
To make the dhcpd.conf configuration file above works for you, just change the domain name
and related ip addresses. When you are done, restart dhcp3 service again. Here is the
command:
If you failed again, then there is something wrong with your dhcp.conf configuration.
Normally, there is an error prompt that include detail about the error such as error name and
error line. So, write that down, open dhcp configuration file again and fix the error. Also you
can find the error in /var/log/messages and /var/log/daemon.log files. Use tail command to
view latest error.
We give Networking Solutions from Simple Networking to Sophisticated Networking as
follows:
Following are some of the administration tasks which falls under this package.
• Server Maintenance
• Log auditing
• Software Configuration
• Service Monitoring
• Security Audit
• Software Upgrades
• Date/Time/Time zone
• DNS Setup
• Application Installation
• Kernel upgrade/tuning
• Firewall installation