I have already covered basic configuration for Squid
Here I am trying to cover few advance configuration for Squid, which can make day to day life easier.
Assuming,
My employer has multiple offices connected using P2P LL, all this offices has dedicated ISP for web use.
In case of failure of ISP link, I can use P2P link to serve internet. Routing public IP is tedious job, rather I’ll use squid cache of another squid server.
e.g I have three offices connected using P2P links.
Office A 192.168.1.0/24
Office B 192.168.2.0/24
Office C 192.168.3.0/24
Squid A 192.168.1.20
Squid B 192.168.2.20
Squid C 192.168.3.20
ISP Link failure
In case of Internet failure at office A, I append squid.conf with below configs. Now all web related traffic is load balance between Squid B & Squid C.
cache_peer 192.168.2.20 parent 3128 0 round-robin
cache_peer 192.168.3.20 parent 3128 0 round-robin
Since there is ISP Link failure at Office A, I’ll avoid squid sending any direct requests to Internet using
never_direct allow all
If you are using messengers, users might face frequent disconnection. e.g yahoo messenger
to avoid this use particular squid server to serve all yahoo sites.
cache_peer_domain 192.168.3.20 .yahoo.com .yimg.com
Since cache_peer are configured in round-robin, if connectivity fails for any cache_peer load will shift on another cache_peer, automatically.
For heavy traffic on local squid.
If you are running out of bandwidth don’t use never_direct allow all. Now squid will send internet request to local ISP / Squid B / Squid C
cache_peer 192.168.2.20 parent 3128 0 round-robin
cache_peer 192.168.3.20 parent 3128 0 round-robin
Since you are not using never_direct allow all yahoo.com request will be forwarded to local ISP & to Squid C (192.168.3.20). To avoid connectivity related issue add Squid A in cache_peer & use Squid A in cache_peer_domain to serve yahoo requests
cache_peer 192.168.1.20 parent 3128 0 round-robin
cache_peer_domain 192.168.1.20 .yahoo.com .yimg.com
Fedora – How to change boot sequence -Grub2