Get Your Tentacles Around Squid

By ServerWatch Staff (Send Email)
Posted Aug 2, 2007


Squid Internet Object Cache: Web proxy and cache server. Despite the silly name, Squid Internet Object Cache is the most widely deployed HTTP proxy and cache server on the Internet. It also is the de facto standard in this space. If you're not familiar with it, now is a good time to learn the basics.

Open source software could be described as evolving its own traditions — collaborative development, community support, and, all too often, really bad names. Enter Squid, a caching proxy server. Like Apache Web server, Squid is a venerable open source product with a silly name that has evolved into the de facto standard in its server class.

Discuss this article in the ServerWatch discussion forum

Squid,1 like other proxy servers, is designed to sit between a client and a destination server. It can intercept, block, filter and cache information flowing from end to end. In its most traditional configuration, Squid would be installed upstream of a LAN. Whenever users in the LAN access the Web (or FTP), Squid can intercede. Depending on how Squid is configured, it allows or denies requests to particular sites or from particular machines or a variety of other criteria. It might filter the data passing through. For example, it could be used to anonymize HTTP requests by altering identifying user information. Most often, Squid is used to cache objects delivered to the LAN by remote servers. In doing so, future requests for the same information can be delivered by Squid, rather than the host server. This improves speed for LAN users and saves Internet bandwidth for the LAN owner.

In a typical proxy configuration, individual clients, like Web browsers, must be configured to connect to Squid. This can be done manually or by providing an automatic configuration file on the proxy server that the browsers can load. Alternatively, Squid can be configured as a transparent proxy, meaning that it intercepts all outgoing HTTP traffic regardless of client browser settings.

The second common Squid configuration is as a so-called "reverse proxy." In this case, Squid is matched up with a Web server to cache outgoing data. Incoming requests first hit Squid, which can deliver static objects from its cache, offloading work from the primary Web server. In fact, Squid can be configured to behave as both a traditional proxy and a reverse proxy at the same time.

Squid is available as either a source code archive that you can compile yourself or pre-compiled for a variety of platforms, including Red Hat, Debian, FreeBSD, NetBSD, Windows and Solaris. Download size varies; the Windows binary is less than 2MB. Squid includes no installer. Even the Windows version is an archive of server binaries and configuration files.

Although Squid is highly flexible and can perform almost any proxy functions needed, configuring it to do so is not for the faint of heart. The best way to begin with Squid is to consult the Squid wiki and look for a configuration recipe that most closely matches your needs. The wiki contains configuration samples for a transparent proxy, user authentication via LDAP or Active Directory and SSL acceleration for Outlook Web.

The only GUI interface to administer and configure Squid is that included in Webmin, the Web-based system management tool for Linux systems. Even with Webmin, you need a thorough understanding of Squid configuration parameters. Without Webmin, Squid configuration is entirely a matter of text-based configuration. For many configurations, additional software and libraries apart from Squid itself may be needed.

Despite its obtuse administration, Squid is the most widely deployed HTTP proxy and cache on the Internet. Consider Squid for your own server if you need to filter content into your LAN, save bandwidth for outgoing requests or accelerate a public-facing Web server by reducing its workload. Fortunately, Squid enjoys a robust community with both non-commercial and commercial support resources.

Pros: Proven performance; Nearly infinite flexibility; Effective Web acceleration.
Cons: Lack of GUI; Configuration for experts only.

Reviewed by: Aaron Weiss
Original Review Date: 08/02/2007
Original Review Version: 2.6

Page 1 of 1


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.