Have you tried this?

  • –-------------------> WAN1

    Client–------> PF#1 (FW/LB/FO)  –--------------------> WAN2

    –------>**PF#2–----> WAN3
                                                          (SQUID/FB request only)

    Hi Guys,

    I've been a fan of this great product for almost a yr now.Powerful and worth using.Thanks Guys.
    In my network enviroment,Facebook is highly requested by the clients.Now,Im thinking of having dedicated Wan for facebook request and speed it up using Squid.

    As my diagram shows,I'm planning to have a triple Wan setup with WAN1&WAN2 performs the outbound balancing and failover (for other web request,voip,etc).And WAN3 coming from another Pfsense box with Squid,different tier and only used for Facebook request(Policy based routing).

    Is this possible?would my PFsense#2 cache FB traffic coming from pf#1?please help me with this guys.Thanks.**

  • It will.

    Setup squid as transparent on fw2.

    Look for Facebook networks and route it to fw2.

    To get a better performance, use squid memory cache.

  • Thanks marcelloc.I'l try and post the result soon.

    One more thing if you dont mind,I got a test machine with 1.5gb mem.I used 500mb  for cache mem and I know this is good enough as you suggested to get better performance.

    What about the disk cache?anything would you suggest me?or what if I force to use mem.cache only?would it help? Also,for maximum object size in Ram?what is your ram size preference if Im gonna cache facebook objects only?

    Thanks again.

  • Facebook uses sessions and caching sessions is possible only when you remove session cookies from static content(Images, javascripts, etc).

    You must follow squid logs to see how effective cache can be.
    Look for tcp_mem_hit on access log. If you have few hits, 512mb is fine.

  • Informative!I really appreciated it.

    I dont have any idea 'bout the sessions or caching sessions.I think should go deep on this.
    At least I know its possible,enough for now.

    Thanks for the help.

Log in to reply