Re: [squid-users] Squid as HTTP accelerator

From: Henrik Nordstrom <[email protected]>
Date: Sun, 18 Apr 2004 04:18:29 +0200 (CEST)

On Sat, 17 Apr 2004, Daniel Czarnecki wrote:

> I am trying to get Squid to act as an http accelerator for a number of
> virtual domains residing on an internal Apache server. They are all
> named based. Is their a way to configure Squid to accelerate such a
> configuration?

Yes.

> Also is it possible to have a single Squid accelerate the traffic for a
> set of domains residing on separate internal web servers?

Yes.

First enable acceleration in squid.conf by the following directives:

  httpd_accel_host your.default.domain
  httpd_accel_port 80
  httpd_accel_uses_host_header on
  httpd_accel_single_host off
  httpd_accel_with_proxy on

Others may have other opinions regarding some of these directives, but
this is the settings which are most HTTP compliant and provides most
flexibility.

Also note that "httpd_accel_host virtual" is quite likely not what you
want and should not be set unless you fully understands what it does and
have written a redirector to work together with this directive. This
directive enables IP based virtual hosts and requires a redirector helper
to map Squid server IP addresses to domain names. Name based virtual
hosts is enabled by the httpd_accel_uses_host_header directive, not
"httpd_accel_host virtual".

Then add access controls where instructed to do so in the comments
allowing clients to reach your servers. It is best to leave the existing
default access controls in place.

  acl my_servers dstdomain list of your accelerated domains
  acl http protocol http
  acl port80 port 80
  http_access allow http port80 my_servers

Then add the real IP addresses of your web servers to /etc/hosts on the
Squid server and restart your Squid, or have your Squid use a internal
DNS knowing the internal addresses.

Then try things out, first by configuring your browser to use the Squid
server as proxy for the accelerated domains, then by editing your stations
local hosts file or external DNS to have your (or all) clients sent to the
accelerator.

When things works, clean up your squid.conf to only contain the
configuration and not all documentation (documentation is in
squid.conf.default). This makes it a whole lot easier to maintain your
configuration in future:

  grep ^[a-z] squid.conf >squid.conf.clean

verify squid.conf.clean content, and add notes where suitable to explain
the configuration for later, then activate the cleaned up configuration

  mv squid.conf.clean squid.conf

When you have this working you can look into using redirectors etc to
further simplify things. This allows you to map contents from your
internal servers as you please, which depending on what you publish can
prove to be very powerful tool.

> Also is their a better alternative to squid?

Not in my opinion.

But there is ways to do this better with Squid, but not quite yet in a
STABLE version.. there is some significant news in how this type of things
is done in the upcoming Squid-3.0 release.

Regards
Henrik
Received on Sat Apr 17 2004 - 20:18:34 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT