Mutli WAN with squid and video cache.

  • Hi every body,
    I was trying to get squid to work on pfsense 2.1 with multi wan setup. but could not manage to do it.
    as i found more than one topic speaking abotu that.

    anyway i did not want squid on pfsense because of that and because i could not get squid to video cahe youtube and streaming sites.

    with allot of research i found this
    so i figured out why it is not working on pfsense, maybe because it was not compiled with these options

    ./configure –prefix=/usr --exec_prefix=/usr --bindir=/usr/sbin --sbindir=/usr/sbin --libexecdir=/usr/lib/squid --sysconfdir=/etc/squid
    --localstatedir=/var/spool/squid --datadir=/usr/share/squid --enable-async-io=24 --with-aufs-threads=24 --with-pthreads --enable-storeio=aufs
    --enable-linux-netfilter --enable-arp-acl --enable-epoll --enable-removal-policies=heap,lru --with-aio --with-dl --enable-snmp
    --enable-delay-pools --enable-htcp --enable-cache-digests --disable-unlinkd --enable-large-cache-files --with-large-files
    --enable-err-languages=English --enable-default-err-language=English --with-maxfd=65536

    so i moved to the second option is to have pfsense working with squid that is configured with upstream proxy that is ubuntu with "Syed Jahanzaib" automated script.

    i did not get to the point yet,

    my setup is that i have pfsense with 3 NICs LAN WAN WAN2
    ubuntu with one NIC connected to LAN network . and it is an upstream proxy for pfsense's squid.

    i cannot traffic shape the bandwidth coming out of the ubuntu' squid so clients receive cached contents with LAN speed. which could put loads i dont want in my network as i have wireless bridges and i dont want to reach maximum thourhgput of these devices.

    so do i need to add 4th NIC to pfsense and connect it to ubuntu and name it PROXY ?

  • i added the 4th NIC and it is working smoothly now with 2 custom options
    prefer_direct off
    nonhierarchical_direct off
    to force squid running on pfsense to use the parent as long as it is reachable.

    i will post my traffic graphs to see what i need to do

    as we can see WAN,WAN2 both are 4 MB ADSL
    the high traffic shows when i open cached youtube video.

    how do i limit traffic going out from Ubuntu's squid to my LAN clients.
    note that i am allready limiting LAN clients vs LBGW (WAN,WAN2) using limiter and masked source and destination pipes. thorough firewall rule in LAN interface.
    so if that limit is 1MB for example, i need to limit traffic from cache to 4MB
    i don't understand what rule do i need and where!

    if i did explain my problem right, please advice.

    Best regards.

  • hi.. you can limit the traffic only when you use Tproxy Feature in  your ubuntu squid

