I don’t know your use case that well but maybe another proxy can do that for you. I wrote a haproxy routing config by username sometime ago: https://gist.github.com/elico/405f0608e60910fc9ea119e22e1ffd07 It's very simple and worth a shot. Let me know if it might be good for you. All The Bests, Eliezer From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of koshik moshik Sent: Sunday, April 11, 2021 12:04 AM To: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: Cache Peers and traffic handling Hello, I am trying to run a Squid proxy Server witth about 5000 cache peers. I am running a dedicated server with 6 cores and 32GB RAM on Ubuntu 16. Could you tell me what else is needed / not needed in my squid.config? I am encountering a high CPU usage and would like to create a very efficient proxy server. Down below you can find my squid.config(I deleted the other cache_peer lines): ----------- http_port 3128 dns_v4_first on acl SSL_ports port 1-65535 acl Safe_ports port 1-65535 acl CONNECT method CONNECT http_access deny !Safe_ports http_access deny CONNECT !SSL_ports auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/.htpasswd auth_param basic children 5 auth_param basic realm Squid Basic Authentication auth_param basic credentialsttl 5 hours acl password proxy_auth REQUIRED http_access allow password #http_access deny all cache allow all never_direct allow all ident_access deny all cache_mem 1 GB maximum_object_size_in_memory 16 MB # Leave coredumps in the first cache dir coredump_dir /var/spool/squid #Rules to anonymize http headers forwarded_for off request_header_access Allow allow all request_header_access Authorization allow all request_header_access WWW-Authenticate allow all request_header_access Proxy-Authorization allow all request_header_access Proxy-Authenticate allow all request_header_access Cache-Control allow all request_header_access Content-Encoding allow all request_header_access Content-Length allow all request_header_access Content-Type allow all request_header_access Date allow all request_header_access Expires allow all request_header_access Host allow all request_header_access If-Modified-Since allow all request_header_access Last-Modified allow all request_header_access Location allow all request_header_access Pragma allow all request_header_access Accept allow all request_header_access Accept-Charset allow all request_header_access Accept-Encoding allow all request_header_access Accept-Language allow all request_header_access Content-Language allow all request_header_access Mime-Version allow all request_header_access Retry-After allow all request_header_access Title allow all request_header_access Connection allow all request_header_access Proxy-Connection allow all request_header_access User-Agent allow all request_header_access Cookie allow all request_header_access All deny all # # Add any of your own refresh_pattern entries above these. # #refresh_pattern ^ftp: 1440 20% 10080 #refresh_pattern ^gopher: 1440 0% 1440 #refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 #refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 #refresh_pattern . 0 20% 4320 ################################ acl me proxy_auth ye-1 cache_peer http://my.proxy.com/ parent 31280 login=user1:password1 no-query name=a1 cache_peer_access a1 allow me cache_peer_access a1 deny all _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
