Introduction

VideoCache Hacks

You are hereForums / Support / two instances

Videocache 2.1 is here :-) Check changelog for changes and new features in this version. Contact Us for your free upgrade!!

two instances

6 posts / 0 new
Login or register to post comments
Last post
31 December, 2008 - 03:35
#1
soho's picture
soho
Offline
Joined: Dec 31 2008
two instances

Currently I'm use the Ubuntu-Server 8.0.4 with the squid compiled manually and configured to run on a core of each of my server processor Core 2 Duo.

Squid

configure options:  '--prefix=/usr' '--enable-async-io' '--enable-icmp' '--enable-useragent-log' '--enable-snmp' '--enable-cache-digests' '--enable-follow-x-forwarded-for' '--enable-storeio=ufs,aufs,coss,diskd,null' '--enable-removal-policies=heap,lru' '--with-maxfd=32768' '--enable-pool' '--disable-ident-lookups' '--enable-truncate' '--exec-prefix=/usr' '--bindir=/usr/sbin' '--libexecdir=/usr/lib/squid' '--enable-linux-netfilter' '--with-dl' '--with-large-files' '--with-aio' '--enable-epoll' '--with-pthreads' '--sysconfdir=/etc/squid' '--enable-wccp' '--enable-wccpv2' '--with-build-environment=POSIX_V6_LP64_OFF64' '--enable-default-err-language=Portuguese' '--enable-referer-log' '--disable-dependecy-tracking' '--enable-carp' '--enable-arp-acl' '--enable-delay-pools' '--enable-cachemgr-hostname=localhost' '--enable-http-violations' '--enable-ntlm-fail-open' '--enable-stacktraces' '--enable-x-accelerator-vary' '--enable-large-cache-files' 'CFLAGS=-DNUMTHREADS=120 -march=nocona -O3 -pipe -fomit-frame-pointer -funroll-loops -ffast-math -fno-exceptions'

 
I have 2 internal networks I redirect a network to a cache and another network to another cache. The caches are configured in parent sibling. My cache directory of HDDs are separated.
 

squid1.conf

http_port 33127 transparent
snmp_port 3400

cache_mem 768 MB
cache_swap_high 90
cache_swap_low 80
maximum_object_size 90 MB
maximum_object_size_in_memory 128 KB
ipcache_size 51200
ipcache_high 95
ipcache_low 90
fqdncache_size 51200

cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir aufs /cache01 120000 32 256

# hide squid version
httpd_suppress_version_string on

access_log /var/log/squid/access1.log
cache_log none
cache_store_log none

coredump_dir /var/spool/squid

mime_table /etc/squid/mime.conf
pid_filename /var/run/squid1.pid
debug_options ALL, 5
log_fqdn off

refresh_pattern ^ftp:           15      20%     2280
refresh_pattern ^gopher:        15      0%      2280
refresh_pattern .               15      20%     2280
half_closed_clients off

## ACLs
acl all src all
acl public_aloo snmp_community public
# Public network
acl internet src 200.x.x.x/24 200.y.y.y/24
# Private network
acl intranet src 192.168.0.0/16 10.0.0.0/8 172.16.0.0/12

# drop miss access
acl irmaos src 127.0.0.0/255.0.0.0
miss_access deny irmaos

#http_access allow all
miss_access allow all
snmp_access allow public_aloo all

## No Cache
acl NOCACHE url_regex "/etc/squid/no-cache" \?
acl NOCACHE url_regex gateway/gateway.dll? \?
no_cache deny NOCACHE

acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 82
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl Safe_ports port 901         # swat
acl Safe_ports port 1025-65535  # unregistered ports
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge

#http_access deny !Safe_ports
#http_access deny CONNECT !SSL_ports

http_access allow localhost
http_access allow internet
http_access allow intranet
http_access deny all

cache_mgr webmaster@example.com
cache_effective_user squid
cache_effective_group squid
visible_hostname proxy.example.com

unique_hostname  proxyex-1
via off
forwarded_for off
logfile_rotate 24
pipeline_prefetch on
shutdown_lifetime 1 second
read_ahead_gap 2 KB
quick_abort_min 0 KB
client_db off
buffered_logs on
positive_dns_ttl 24 hours
negative_dns_ttl 10 seconds
request_timeout 40 seconds
connect_timeout 40 seconds
pconn_timeout 40 seconds
dns_nameservers 200.x.x.x 200.y.y.y
emulate_httpd_log off
log_ip_on_direct on

# hierarchy
icp_port 3127
icp_access allow all

# parent sibling
cache_peer 127.0.0.1 sibling 33128 3128 proxy-only round-robin name=proxyex-2

 

squid2.conf

http_port 33128 transparent
snmp_port 3401

cache_mem 768 MB
cache_swap_high 90
cache_swap_low 80
maximum_object_size 90 MB
maximum_object_size_in_memory 128 KB
ipcache_size 51200
ipcache_high 95
ipcache_low 90
fqdncache_size 51200

cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir aufs /cache02 120000 32 256

# hide squid version
httpd_suppress_version_string on

access_log /var/log/squid/access2.log
cache_log none
cache_store_log none

coredump_dir /var/spool/squid

mime_table /etc/squid/mime.conf
pid_filename /var/run/squid2.pid
debug_options ALL, 5
log_fqdn off

refresh_pattern ^ftp:           15      20%     2280
refresh_pattern ^gopher:        15      0%      2280
refresh_pattern .               15      20%     2280
half_closed_clients off

## ACLs
acl all src all
acl public_aloo snmp_community public
# Public network
acl internet src 200.x.x.x/24 200.y.y.y/24
# Private network
acl intranet src 192.168.0.0/16 10.0.0.0/8 172.16.0.0/12

# drop miss access
acl irmaos src 127.0.0.0/255.0.0.0
miss_access deny irmaos

#http_access allow all
miss_access allow all
snmp_access allow public_aloo all

## No Cache
acl NOCACHE url_regex "/etc/squid/no-cache" \?
acl NOCACHE url_regex gateway/gateway.dll? \?
no_cache deny NOCACHE

acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 82
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl Safe_ports port 901         # swat
acl Safe_ports port 1025-65535  # unregistered ports
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge

#http_access deny !Safe_ports
#http_access deny CONNECT !SSL_ports

http_access allow localhost
http_access allow internet
http_access allow intranet
http_access deny all

cache_mgr webmaster@example.com
cache_effective_user squid
cache_effective_group squid
visible_hostname proxy.example.com

unique_hostname  proxyex-2
via off
forwarded_for off
logfile_rotate 24
pipeline_prefetch on
shutdown_lifetime 1 second
read_ahead_gap 2 KB
quick_abort_min 0 KB
client_db off
buffered_logs on
positive_dns_ttl 24 hours
negative_dns_ttl 10 seconds
request_timeout 40 seconds
connect_timeout 40 seconds
pconn_timeout 40 seconds
dns_nameservers 200.x.x.x 200.y.y.y
emulate_httpd_log off
log_ip_on_direct on

# hierarchy
icp_port 3128
icp_access allow all

# parent sibling
cache_peer 127.0.0.1 sibling 33127 3127 proxy-only round-robin name=proxyex-1

If I set the squid.conf of both servers, the videocache work normally? In both instances? Or set up a instance only for videocache (if so, leaving only the settings in one of squid.conf url_rewrite)?

Top
Tags:
31 December, 2008 - 04:05
#2
admin's picture
admin
Offline
Joined: Nov 2 2008

Hi Sergio,

Configuring videocache on parent squid will be enough. You don't need to configure it on both the squids.

I hope you'll be benefited by videocache.

Thank you for considering videocache :)

Top
31 December, 2008 - 04:38
(Reply to #2) #3
soho's picture
soho
Offline
Joined: Dec 31 2008

Hi Kulbir,

thank you for answering. I set here and in case of any doubt, I will post in the forum again.

My biggest doubt is about the videocache meet the two networks simultaneously, because each network has its own squid.conf

Top
31 December, 2008 - 05:18
(Reply to #3) #4
admin's picture
admin
Offline
Joined: Nov 2 2008

Hello Sergio,

As long as the the exit point to Internet is a single machine from the networks, configuring videocache on the outermost squid would be sufficient.

Let me know if I can help you in any other way :)

Top
9 January, 2009 - 07:37
#5
Rafael Guedes's picture
Rafael Guedes
Offline
Joined: Jan 9 2009

I'm having the same problem. Setup in only one did not work with me.

Sergio you already tried to redirect a domain to match ACLs?

For example:

Set the videocache in squid 1

And the squid 2:
acl redirects url_regex-i \. youtube \. com \ / get_video
cache_peer_access cache1.example.com allow redirects

I think it makes no difference, but .... Thanks for your answers.

Top
19 January, 2009 - 16:05
(Reply to #5) #6
admin's picture
admin
Offline
Joined: Nov 2 2008

Hi Rafael,

You can try contacting Sergio using his contact address.

Thank You!

Top
‹ Previous topic: Where is the download queue list stored? Next topic: videocache and squid working but squidGuard not blocking ›

My Book on Squid

Purchase/Renew

Go to Pricing page to purchase a new license or renew your existing license.

New forum topics

more

Recent comments

Who's online

There are currently 3 users and 109 guests online.