Squid

A User's Guide

Oskar Pearson

Qualica Technologies (Pty) Ltd, South Africa.

Copyright © 2000 by Oskar Pearson (oskar@linux.org.za). All rights reserved. This version of the document (Version 0.1) is not to be mirrored.

All trademarks used in this document are owned by their respective companies. This document makes no ownership claim of any trademark(s). If you wish to have your trademark removed from this document, please contact the copyright holder. No disrespect is meant by any use of other companies trademarks in this document.

Note: This document is not (yet) to be mirrored; copying for personal or company-wide use or printing is perfectly acceptable. Once the document is in a stable state, the document will be released under the GNU Free Documentation License. (http://www.gnu.org/copyleft/fdl.html), and mirroring will be allowed.

There are many mirrors of the old Squid User's Guide out there, which will all now have effectively useless mirrors; don't mirror this documentation at your site unless you are willing to keep it up to date!

This document will shortly be released under the GNU Free Documentation License.

Table of Contents

1. Overall Layout (for writers)

2. Terminology and Technology

What Squid is

Why Cache?

What Squid is not

Supported Protocols

Supported Client Protocols
Inter Cache and Management Protocols

Inter-Cache Communication Protocols

Firewall Terminology

The Two Types of Firewall
Firewalled Segments
Hand Offs

3. Installing Squid

Hardware Requirements

Gathering statistics
Hard Disks
RAM requirements
CPU Power

Choosing an Operating System

Experience
Features
Compilers

Basic System Setup

Default Squid directory structure
User and Group IDs

Getting Squid

Getting the Squid source code
Getting Binary Versions of Squid

Compiling Squid

Compilation Tools
Unpacking the Source Archive
Compilation options
Running configure
Compiling the Squid Source
Installing the Squid binary

4. Squid Configuration Basics

Version Control Systems

The Configuration File

Setting Squid's HTTP Port

Using Port 80

Email for the Cache Administrator

Effective User and Group ID

FTP login information

Access Control Lists and Access Control Operators

Simple Access Control
Ensuring Direct Access to Internal Machines

Communicating with other proxy servers

Your ISP's cache
Firewall Interactions

5. Starting Squid

Before Running Squid

Subdirectory Permissions

Running Squid

Testing Squid

Testing a Cache or Proxy Server with Client

6. Browser Configuration

Basic Configuration
Advanced Configuration
Basic Configuration
Host name

Browser-cache Interaction

Testing the Cache

Cache Auto-config

Web server config changes for autoconfig files
Autoconfig Script Coding
Cache Array Routing Protocol

cgi generated autoconfig files

Future directions

Roaming
Browsers
Transparency

Ready to Go

7. Access Control and Access Control Operators

Uses of ACLs

Access Classes and Operators

A unique name
Type
Decision String
Types of acl

Acl-operator lines

The other Acl-operators

SNMP Configuration

Querying the Squid SNMP server on port 3401
Running multiple SNMP servers on a cache machine

Delay Classes

Slowing down access to specific URLs
The Second Pool Class
The Second Pool Class
The Third Pool Class
Using Delay Pools in Real Life

8. Cache Hierarchies

Introduction

Peer Configuration

The cache_peer Option

Peer Selection

Selecting by Destination Domain
Selecting with Acls
Other Peering Options

Multicast Cache Communication

Getting your machine ready for Multicast
Querying a Multicast Cache
Accepting Multicast Queries: The mcast_groups option
Other Multicast Cache Options

Cache Digests

Cache Hierarchy Structures

Two Peering Caches
Trees
Meshes
Load Balancing Servers

The Cache Array Routing Protocol (CARP)

9. Accelerator Mode

When to use Accelerator Mode

Acceleration of a slow server
Replacing a combination cache/web server with Squid
Transparent Caching
Security

Accelerator Configuration Options

The httpd_accel_host option
The httpd_accel_port option
The httpd_accel_with_proxy option
The httpd_accel_uses_host_header option

Related Configuration Options

The redirect_rewrites_host_header option
Refresh patterns
Access Control

Example Configurations

Replacing a Combination Web/Cache server
Accelerating Requests to a Slow Server

10. Transparent Caching

The Problem with Transparency

The Transparent Caching Process

Some Routing Basics
Packet Flow with Transparent Caches

Network Layout

Filtering Traffic

Unix machines
Routers (not done)
Layer-Four Switches (not done)

Kernel Redirection (not done)

Squid Settings (not done)

11. Not Yet Done: Squid Config files and options

		Next
		Overall Layout (for writers)