Nov 21, 2009

Tips & Tricks for SQUID (Proxy) Server

Overview

This article will be helpful to improve your squid performance in any hectic and slow bandwidth / traffic kind of scenario. This will also helpful to the organization, who will use the only one Squid Server Hardware and giving the internet access to more then 1000 users. Even, you can bypass or stream line your SSL / SAFE ports for any outgoing traffic, which needs to be allow.

1) Faster Performance of Cache

To take the advantage of the Squid Cache, mount the “Cache directory” on “diskd” format. Also use more than 1 hard disk and mount /cache directory on each hard disk to get faster performance of cache.

2) Partition & Mount Point

Create and Mount the /log and /var directory on separate hard disk to faster performance of Squid Server.

3) Bandwidth Management

If you have Lower Bandwidth and Higher End Server with minimum 3 harddisk for Cache and 4 GB Minimum Ram, then keep:

“maximum_object_size 4028 KB” &
“maximum_object_size_in_memory 3072 KB”
And, If you have Higher Bandwidth and Lowered Server, then keep:
“maximum_object_size 1024 KB” &
“maximum_object_size_in_memory 512 KB”


4) Only 1 Authentication



To set the one user can access the internet from one system only on same time, add the below line to your squid.conf file.



acl only1 max_user_ip -s 1
http_access deny only1


5) Squid File Modify



When ever you need to change your squid.conf file, save it and write the command as below to take the change effect immediately:



squid –k reconf


6) Cache Initialization



If and problem persist regarding to initializing the squid cache, give the write permission to the specified directory. (i.e. chmod 777 /cache)



7) Use Maximum Memory for Squid 



If you have more than sufficient memory in your squid server, set the below lines in your squid.conf file, to get the highest performance of your unused memory.



memory_pools on
memory_pools_limit 2048 MB


If you set the value of memory_pools_limit to 0, squid will keep all memory it can.



8) Retry while Error



If set “retry_on_error on”, squid will automatically retry requests when receiving an error response. This is mainly useful if you are in a complex cache hierarchy to work around access control errors.



9) Memory Warning



If you set this to “high_memory_warning 2048 MB”, and the memory usage will be exceeds to determined value, Squid prints a WARNING with debug level 0 to get the administrators attention.

10) Bypass the SSL ports 



To bypass the SSL ports from squid server, mentioned the acl as below:



acl SSL_ports port 443
http_access deny CONNECT !SSL_ports

0 comments:

Text Widget

Copyright © Vinay's Blog | Powered by Blogger

Design by | Blogger Theme by