03.17.12
by

Does your Hosting Support Squid?


How compile and install squid?

How to tune disk storage?

Use of redirectors in squid

Managing Bandwidth

Are you a net surfer?

Do you want to reduce the bandwidth consumption?

Do you want to improve the network performance?

How to reduce the load on web server and makes web pages load faster?

Answer to above questions is Squid, which is web caching software independent of platform. Squid is a proxy server and web cache daemon. It has a wide variety of uses, from speeding up a web server by caching repeated requests; to caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic. So now the hosting companies have started providing Squid hosting.

Features of Squid:

  • It acts as a firewall and proxies your internal web traffic.
  • It ensures that only authorized users can surf the Internet, behaves like a parental lock and prevent users from browsing inappropriate websites
  • It filters sensitive information from web requests and enhances your privacy.
  • Beneficial for companies, libraries, organizations, colleges and schools where IPod is a charm and given to the students of class VI onwards.
  • Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows and is licensed under the GNU GPL..

Compiling and Installing Squid:

Compiling Squid is relatively straightforward. If you’ve installed more than a few open source packages, you’re probably already familiar with the procedure. You first use a program called. /configure to probe your system and then a program called makes to do the actual compiling. To compile squid you basically need an ANSI C compiler. Except ANSI C compiler you’ll also need Perl and awk. Awk is a standard program on all UNIX systems, so you shouldn’t need to worry about it. Perl is quite common, but it may not be installed on your system by default. You may need the gzip program to uncompress the source distribution file.

After compiling, now you need to install the programs into their permanent directories. This might require super user privileges, to put files in the installation directories. f you enable Squid’s ICMP measurement features with the enable-icmp option, you must install the pinger program. The pinger program must be installed with super user privileges because only root is allowed to send and receive ICMP messages. The following command installs pinger with the appropriate permissions:

# make install-pinger

Go To Top

Running Squid: Squid normally runs as a daemon process. If you are new to Squid, however, I recommend running Squid in the foreground from a terminal window until you are confident that it is working properly. Following that, you can run Squid as a daemon, in the background. You can send signals to the running Squid process to execute various tasks, such as halting and reconfiguring Squid, and rotating the log files. Although you can use the kill command to send signals, it is easier to use the squid -k commands. –k is basically an administrative function which has the following functions: reconfigure, rotate, shutdown, interrupt, kill, debug, check, or parse. Before running Squid for the first time, and whenever you add a new cache_dir, you must initialize the cache directories. The command is simply:

% squid –z

Using Squid’s sophisticated access controls: As we all know that access controls are the most important part of any configuration file. We can use them to grant access to the authorized users and to stop unauthorized access. You can use them to restrict, prevent access to, to control request rewriting, to route requests through a hierarchy and to support different qualities of service.

Basically, access controls are built on two different components. You can define a number of access control list elements. These elements refer to specific aspects of client requests, such as IP addresses, URL hostnames and request methods. After defining the necessary elements, you combine them into a number of access list rules. The rules apply to particular services or operations within Squid.

As your access control configuration becomes longer, it also becomes more complicated. I strongly encourage you to test your access controls before turning them loose on a production server. Of course, the first thing you should do is make sure that Squid can correctly parse your configuration file. Use the -k parse feature for this:

% squid -k parse

Tuning disk storage for optimal performance: Squid has a number of different storage schemes. The schemes have different properties and techniques for organizing and accessing cache data on the disk. Most of them use the file system interface system calls. Squid has five different storage schemes: ufs, aufs, diskd, coss, and null. The first three use the same directory layout, and they are thus interchangeable. coss is an attempt to implement a new file system specifically optimized for Squid. Null is a minimal implementation of the API: it doesn’t actually read or write data to/from the disk.

As long as the total disk usage is below cache_swap_low, Squid doesn’t remove cached objects. As the cache size increases, Squid becomes more aggressive about removing objects. Under steady-state conditions, you should find that disk usage stays relatively close to the cache_swap_low value.

Go To Top

Configuring your operating system for HTTP interception: As we all know that the operating system of Squid is configured to accept the foreign packets and deliver them to the Squid process. First of all to make HTTP interception work, we will need to configure three separate components: a network device, Squid’s operating system, and Squid itself. The obvious benefit of interception caching is that all HTTP requests leaving your network automatically go through Squid. You don’t need to worry about configuring any browsers or that users might disable their proxy settings. Interception caching puts you, the network administrator, in control of the HTTP traffic. You can change, add, or remove Squid caches from service without significantly interrupting your users’ web surfing.

Forwarding Requests to other web caches: May be there can be any reason to find that you want Squid to forward its cache misses to another cache or HTTP proxy. This is necessary, for example, if you are using Squid inside a large corporate network that has one or more firewalls protecting you from the outside world. And if your caching service is actually a cluster of Squid caches, you probably want them to cooperate with each other to minimize duplication of cached responses. You can also use Squid as a content router routing web traffic in different directions based on some aspect of the request. Or, perhaps you’d like to participate in an informal collection of caches to further improve response time and reduce wide-area network traffic.

Using redirectors to rewrite user requests: The most important fact about Squid is that it has the ability to alter requested URLs. If used as an external process then Squid can be configured to pass every incoming URL through a helper process that returns either a new URL, or a blank line to indicate no change. It allows the administrator to control the locations to which his users go.The redirector feature allows you to implement a number of interesting things with Squid. Many sites use them for access controls, removing advertisements, local mirrors, or even working around browser bugs. A redirector is really just a program that reads a URI and other information from its input and writes a new URI on its output. Perl and Python are popular languages for redirectors, although some authors use compiled languages such as C for better performance. We can use redirectors to rewrite user requests.

Go To Top

Monitoring Squid with the cache manager and SNMP: One important fact that Squid writes various messages to cache.log as it runs. Most of these are abnormal events of one sort or another. But for some reasons, Squid isn’t always smart enough to differentiate serious problems from those that can be safely ignored. Without many problems also cache.log is a good place to start when investigating a Squid problem. The cache manager and SNMP interfaces allow you to query Squid for a variety of data. The cache manager, which has its own shortcomings, probably provides the most information in current versions of Squid. Squid supports SNMP as well. Unfortunately, the data available through SNMP is only a subset of the cache-manager information. So with the help of cache manager and SNMP we can easily monitor Squid.

Using Squid to accelerate and protect HTTP servers: Server acceleration is generally used as a technique to improve the performance of slow, or heavily loaded, backend servers. It works well because origin servers tend to have a relatively small hot set.

Managing bandwidth consumption with Delay Pools: Bandwidth control in squid entails two steps. One is to create an ACL (Access Control List) and the other to create a delay pool. In the Squid configuration menu, go to the Access control option. Here you’ll notice that some default ACLs are already made. Create an access control of your own. Delay pools provide a means to restrict bandwidth usage of clients. With delay pools, clients can be restricted at the individual level, or in groups. ACLs are used to apply bandwidth limits to users. For creating Delay pools, go to the main Squid configuration interface and select the Delay pool option.

Go To Top

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.