Search squid archive

Re: Dynamic Content Caching/Windowsupdate/Facebook/youtube

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



GIGO . wrote:
All,
I am really sorry i was looking at the access.log file of squid instance that is user facing and not the instance that is doing the fetching/caching and there i can see mp4 files being cached. However i am not very much confident about my settings so please read my queries and the configuration file and advice. I would be really thankful. ----------------------------------------
From: gigoz@xxxxxxx
To: squid-users@xxxxxxxxxxxxxxx
Date: Fri, 14 May 2010 12:00:46 +0000
Subject:  Dynamic Content Caching/Windowsupdate/Facebook/youtube



Dear All,


I require your help and guidance regarding dynamic content caching. Following are the quries.


1. I am running squid in multiple instances mode (For Cache Disk Failure Protection). I dont think that it has any effect on internet object caching? I am confused that if connect methods are to be duplicate on both of the instances or i have configured it right specially in perspective of windows update.


Depends on whether the port the cache instance is listening on is reachable to external people, if it is then its Squid will definitely need the http_access security settings turned on as well.


2. As rewrite_url is not exported in new versions(version 3 and above) of squid is it still possible for squid to cache facebook/youtube videos? Have i configured it correctly? As i have seen no TCP_HIT for mp3,mp4 etc so i think caching is not done.


If you meant to write "storeurl_rewrite"? then yes. That particular method of caching them is not possible yet in 3.x. YouTube will still cache using the low-efficiency duplicate-object way it does most places.


3. Please can u please check my configuration for windows updates? is there anything else which i have missed there? How could i assure that windows update is being cached properly?


You don't show any http_access rules from the cache instance.
The default is to block all access through that instance.

The main instance is okay.



Through studying online tutorials mailarchive support and best of my understanding i have configured squid as follows. Please peruse and guide.

--------------------------
Squid Cache Instance:

visible_hostname squidlhr.v.local
unique_hostname squidcacheinstance
pid_filename /var/run/squidcache.pid


cache_dir aufs /cachedisk1/var/spool/squid 50000 128 256
coredump_dir /cachedisk1/var/spool/squid

cache_swap_low 75
cache_mem 1000 MB
range_offset_limit -1
maximum_object_size 4096 MB
minimum_object_size 10 KB
quick_abort_min -1
cache_replacement_policy heap

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

#specific for youtube belowone....
refresh_pattern (get_video\?|videoplayback\?|videodownload\?) 5259487 99999999% 5259487

The youtube pattern and all other custom refresh_patterns' need to be configured above the default set (ftp:, gopher:, cgi-bin, and . ).


# For any dynamic content caching.
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0

This dynamic content needs to be between the refresh_pattern ^gopher: and the refresh_pattern . patterns.


--------------------------------------------------
Squid Main Instance:
visible_hostname squidlhr
unique_hostname squidmain
cache_peer 127.0.0.1 parent 3128 0 default no-digest no-query
prefer_direct off

cache_dir aufs /var/spool/squid 10000 16 256
coredump_dir /var/spool/squid
cache_swap_low 75
cache_replacement_policy lru

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern -i (/cgi-bin/|\?) 0 0% 0

(should be set on all squid caching or handling dynamic objects, even in memory-only mode).

refresh_pattern . 0 20% 4320


#Defining & allowing ports section....
acl SSL_ports port 443 # https
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager

# Deny request to unknown ports
http_access deny !Safe_ports

# Deny request to other than SSL ports
http_access deny CONNECT !SSL_ports

#Allow access from localhost
http_access allow localhost


# Windows Update Section...
acl windowsupdate dstdomain windowsupdate.microsoft.com
acl windowsupdate dstdomain .update.microsoft.com
acl windowsupdate dstdomain download.windowsupdate.com
acl windowsupdate dstdomain redir.metaservices.microsoft.com
acl windowsupdate dstdomain images.metaservices.microsoft.com
acl windowsupdate dstdomain c.microsoft.com
acl windowsupdate dstdomain www.download.windowsupdate.com
acl windowsupdate dstdomain wustat.windows.com
acl windowsupdate dstdomain crl.microsoft.com
acl windowsupdate dstdomain sls.microsoft.com
acl windowsupdate dstdomain productactivation.one.microsoft.com
acl windowsupdate dstdomain ntservicepack.microsoft.com
acl wuCONNECT dstdomain www.update.microsoft.com
acl wuCONNECT dstdomain sls.microsoft.com
http_access allow CONNECT wuCONNECT all
http_access allow windowsupdate all



Amos
--
Please be using
  Current Stable Squid 2.7.STABLE9 or 3.1.3

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux