[squid-users] prioritize single site.

From: Giles Westwood <[email protected]>
Date: Fri, 22 Oct 2004 09:33:50 +0000

I look after 3 e-learning centres which use courses.learndirect.co.uk for
content. Most of the main content is flash, images, mpeg and mp3 sound. Squid
doesn't cache any of the .asp files at the moment which is correct as they
store the progress of a user. The course content remains the same so i'd like
to use an aggressive refresh pattern so most of this content comes direct from
the proxy server.

Normal web surfing still happens at these centres so i want to prioritize this
learndirect site so i'm looking for a set of refresh patterns to achieve this.
Below is my current squid.conf file. I'm worried that a really large squid
cache will slow down access, is this the case? Any other advice much
appreciated. If I get a squid.conf that works well I can post it to the
support site for learndirect to help other centres. I also use dansguardian
which has been fantastic at blocking mal-use.

visible_hostname squid
# use more memory for hot objects
cache_mem 256 MB
# store large objects
maximum_object_size 60000 KB
# allow larger objects even to be stored in memory
maximum_object_size_in_memory 256 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GSDF
#use posix threaded aufs for better linux i/o and reiser4 partition
cache_dir aufs /extra/squid 60000 16 256
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
acl our_networks src 192.168.0.0/24
http_access allow our_networks
# And finally deny all other access to this proxy
http_access allow localhost
http_access deny all

#items appear as fresh if less than 2 months old
refresh_pattern . 0 100% 80640
###########################
#don't listen for neighbour caches
icp_port 0
#don't log needless queries
log_icp_queries off
#speed up the writing slightly
buffered_logs on
redirect_children 0
########################
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
Received on Fri Oct 22 2004 - 03:33:23 MDT

This archive was generated by hypermail pre-2.1.9 : Mon Nov 01 2004 - 12:00:02 MST