Squid worthwhile for small home network?

  • I am running 2.2.6 on an old Lenovo SFF workstation (E6600 Processor, 4GB DDR2) I have a small home network with 6 PCs. I have not used any other packages other than the OpenVPN client export. Basically just used for casual browsing and streaming from Netflix, no real production work involved. Is squid worthwhile for this environment? The only thing that I could imagine would be really cool about it is the caching of Windows updates. Does it really provide any benefit for the average small home or business network?

  • On a small home network you probably wouldn't see any performance benefits, and with windows 10 using cached updates on your lan, you may not even need it for those.
    If you had a bunch of sites that loaded slow, you could specifically cache those to see performance increases, but over all, there are not enough users to see that boost.
    Though it would slightly lower your wan side download usage on frequently loaded sites, though pages like facebook and gmail tend to optimize, and use compression already.
    You would also have to have an SSL cert and setup for https sites as standard caching won't work for them.

  • Depends… SQUID was originally meant to cache content, but these days, it can't cache much since so many things are dynamic and have switched to HTTPS as well...  The only benefit if you setup squid IMO is the ability to easily track who goes where, and block certain websites using squidguard.

    If you are wanting to cache Windows updates, you should really be looking into WSUS anyways since you can select what OS, products, and so on that your WSUS install will download and store for machines on your network.

  • Normally I would say, the normal home network does not need pfSense, but if you want to do one of the following, a pfSense makes sense:

    • IPv6 (native or via tunnel)

    • Port Forwards (with full control)

    • Reverse Proxy for HTTP or HTTPS, especially with SNI wildcard certificates (HAProxy) to access e.g. SmartHome from external

    • Traffic Shaping, especially need for VoIP

    • UPnP (with full control)

    • Multiple internal networks (e.g. clients and servers separated)

    • Access control (kids)

    • DynDNS (e.g. multiple, full control, reliable)

    • DNS

    • NAT Reflection (access your hosts internally same as you were internal)

    • Multiple WAN

    • VPN Inbound (access home network from external)

    • VPN Outbound (accessing other networks via VPN)

    Many router can do many of those things, but with pfSense the difference is; pfSense can do all of this, reliable and offers full and fine granular control of it.

  • It all depends on your needs you have! If you don´t need Squid as a proxy you don´t need to
    install squid for sure. It is like all other services, functions and features or options, if you don´t
    need them really you don´t should install or activate them then.

    It can be useful if there are children in a household and/or the family size is really big likes
    5 till 10 persons in total. So you would be able to install Squid & SquidGuard with a user
    authentication and then all things can be logged down the road what the whole family
    was doing and it could also be regulated what they are all can do.

Log in to reply