Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multiple squid configurations and paths on PFsense

    Scheduled Pinned Locked Moved Cache/Proxy
    4 Posts 2 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      emesix
      last edited by

      There is a squid and configuring question that i am having.
      For mine PFsense (APU1C4) box i want to install squid but with 3 different roles.

      Role number 1: Transparent HTTP and HTTPS proxy for the small stuff. Mostly working in 2GB of ram and maybe 10GB@ "/cache/proxy/".
      Role number 2: Transparent HTTP and FTP proxy for downloads (rar,zip,gz,z and ISO) and OS speciefic (Windows, RPM en dep) upgrade. 100% working on the hard-drive with a 1 year lifespan. 250GB@ "/cache/download/"
      Role number 3: Transparent HTTP and HTTPS proxy for Youtube (and other) streaming . (I use youtube like a radio) with a 3 month lifespan and 100% on the hard-drive. 250GB@ "/cache/video/"

      As i am reading about this i found out that this should be possible if you run a separate squid with a separate config file.
      I was wondering if somebody has done a config like this ??? and/or is mine idea workable ??
      Can it be done with 3 transparent proxy's or can this all be done with just 1 squid running ?
      Or are mine expectations too high :)

      Thanks in advance.
      Vincent

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        Or are mine expectations too high

        Yes.  Squid is quite limited on an appliance, and is usually recommended only as a platform for URL filtering.  I see a few problems with your plan:

        1. Getting Windows Updates to cache is almost impossible.  People usually give up and just go with WSUS.
        2. Logging on a CF card isn't recommended.

        I think you're better off running a separate server for Squid.  You will also spend a lot of time experimenting with various cache configs to get what you want.

        1 Reply Last reply Reply Quote 0
        • E
          emesix
          last edited by

          Thanks for the info.

          Mine APU1C4 is in a 19" case. So i had room for a extra 2,5" HDD beside the M-Sata. Thats why i wanted to bundle the proxy service on 1 system. But the more I read about this, the more i wondered if it was reachable. Looks like I can only do this when i split one system with Linux as a main OS and pfsense in a virtual machine. I am thinking of giving that a try, mine internet usage is not that high. And mine WAN is only 200Mbit from mine provider. So maybe it will work with out burning the CPU out.

          Windows updates was a nice to have, butt i work mostly with Debian/Linux mint distro's on mine computers. At the moment i have only 1 computer with Windows installed :) And i was reading about a DEB proxy here https://launchpad.net/squid-deb-proxy and http://wiki.squid-cache.org/Features/SmpScale. This gave me this idea, but i didn't wanted to waist allot of time on something that was futile.  ;) And with the linux option a good PXE server is also looking easyer :)

          Vincent

          PS. There is enough room in the 19" case to add a small board like a Raspberry-Pi for proxy handling…..  ;)

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            Apt-cacher might be a better fit for you.  I've been running squid3 in a corporate environment and my hit rate is never above 7% no matter how much I fiddle with the squid config.  However, I have heard good results when caching Linux updates in general since they don't play games with the filenames of the updates like with Windows Updates and other A/V updates.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.