Search squid archive

Re: Squid configuration upgrade from 2.6 to 2.7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Drew Wrobel wrote:
I have upgraded my squid server from 2.6 stable 22 to 2.7 stable  7.

Along with this, I have updated the configuration and wanted to make sure that some of the new settings won't be a problem.

The biggest change is that I increased the maximum object size the squid will cache.  Before everything at the default levels.
I increased this size sine most of the files/pages being servers up, especially the ones that have flash and vidoes would be larger
then 4K.

Let me know if there is a better way or setting I should/should not be using.

Thanks

acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_port 127.0.0.1:3128

hierarchy_stoplist cgi-bin ?

NP: if you are caching dynamic pages at all, you will need to use the default dynamic page refresh pattern to stay RFC compliant:
  refresh_pattern -i (/cgi-bin/|\?) 0 0% 0

Of course providing the pages with correct Expires:, Last-Modified: and/or Cache-Control: headers is even better.

refresh_pattern . 0 20% 4320

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

coredump_dir /var/cache/squid

http_access allow manager localhost
http_access deny manager

http_access deny to_localhost

http_port 80 accel vport

cache_peer 172.21.1.2 parent 80 0 no-query originserver round-robin login=PASS
cache_peer 172.21.3.4 parent 80 0 no-query originserver round-robin login=PASS
cache_peer 172.21.5.6 parent 80 0 no-query originserver round-robin login=PASS

acl mainSite dstdomain www.company.com
acl otherSites dstdomain .company.com

cache_peer_access 172.21.1.2 allow mainSite
cache_peer_access 172.21.1.2 deny all
cache_peer_access 172.21.3.4 allow mainSite
cache_peer_access 172.21.3.4 deny all
cache_peer_access 172.21.5.6 allow mainSite
cache_peer_access 172.21.5.6 deny all
http_access allow mainSite

deny_info http://www.company.com/ otherSites

http_access deny otherSites
http_access deny all

icp_port 0
icp_access deny all
log_icp_queries off

acl loadbalancer1 src 172.21.10.1
acl loadbalancer2 src 172.21.10.12
follow_x_forwarded_for allow loadbalancer1
follow_x_forwarded_for allow loadbalancer2
follow_x_forwarded_for allow all
acl_uses_indirect_client on
delay_pool_uses_indirect_client on
log_uses_indirect_client on

logformat combined %{Host}>h %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh

If this really is the real "combined" Apache httpd format there is no need to define it. If it's a customized version with altered details please name it with a name of your own.

access_log /var/log/squid/access.log combined
logfile_rotate 0
collapsed_forwarding on
vary_ignore_expire on
httpd_suppress_version_string off

cache_effective_user squid
cache_store_log none
client_db off
cache_mem  512 MB
maximum_object_size_in_memory 24 MB
cache_replacement_policy lru
cache_dir ufs /var/cache/squid 2000 10 10
maximum_object_size 20480 KB

cosmetic: maximum_object_size 20 MB

Amos
--
Please be using
  Current Stable Squid 2.7.STABLE7 or 3.0.STABLE21
  Current Beta Squid 3.1.0.15

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux