Squid cache

From Wikipedia, the free encyclopedia

Squid
Latest release: 2.6.STABLE9 / 2007-01-24
Preview release: 3.0.PRE5 / 2006-11-07
OS: Unix-like
Use: web cache, proxy server
License: GPL
Website: www.squid-cache.org

Squid is a popular proxy server and web caching daemon, released as free software under the GNU General Public License. It has a wide variety of uses, from speeding up a web server by caching repeated requests, to caching web, DNS and other network lookups for a group of people sharing network resources, to aiding security by filtering traffic. It is primarily designed to run on Unix-like systems.

Squid has been developed for many years and is generally considered complete and robust. Early work on the program was completed at the University of California, San Diego and funded via two grants from the National Science Foundation.[1] Although primarily used for HTTP and FTP, Squid includes limited support for several other protocols including TLS, SSL, Internet Gopher and HTTPS.[2] The development version of Squid (3.0) includes preliminary IPv6 support.

Web proxy

Caching is a way to store requested Internet objects (e.g. data such as web pages) available via the HTTP, FTP, and Gopher protocols on a system closer to the requesting site. Web browsers can then use the local Squid cache as a proxy HTTP server, reducing both access time and bandwidth consumption. This is often useful to Internet service providers wanting to increase speed for their customers, and to LANs that share an Internet connection. Because it is also a proxy (i.e. it behaves like a client on behalf of the real client), it can provide some anonymity and security. However, it can also introduce significant privacy concerns, as it can log a great deal of data, including the URLs requested, the exact date and time of each request, the name and version of the requester's web browser and operating system, and the referring page from which the requester reached the requested one.

A client program (e.g. a browser) either has to explicitly specify the proxy server it wants to use (typical for ISP customers), or it can use a proxy without any extra configuration: "transparent caching", in which all outgoing HTTP requests are intercepted by Squid and all responses are cached. The latter is typically a corporate set-up (all clients are on the same LAN) and often introduces the privacy concerns mentioned above.
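Both modes are selected in Squid's configuration file. As a hedged sketch in Squid 2.6 syntax (the port numbers are arbitrary examples):

```
# squid.conf -- illustrative sketch, Squid 2.6 syntax; port numbers are examples
http_port 3128               # explicit mode: clients are configured to use proxy:3128
http_port 3129 transparent   # interception mode: redirected traffic, no client set-up
```

In explicit mode the browser must be pointed at the proxy; in interception ("transparent") mode the network redirects port-80 traffic to Squid, which is what makes the logging invisible to users.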

Squid is also available as precompiled binaries for some operating systems. Linux users can obtain Squid in one of various package formats (e.g. RPM or Debian packages). The FreeBSD, NetBSD, and OpenBSD projects offer Squid ports. The BSD ports are not binary distributions but rather a small set of files that know how to download, compile, and install the Squid source. These precompiled or preconfigured packages may be easier to install.

Squid has some features that can help anonymize connections, such as disabling or changing specific header fields in a client's HTTP requests. Whether these are set, and what they are set to do, is up to the person who controls the computer running Squid. People requesting pages through a network that transparently uses Squid will usually have no idea whether this information is being logged. See the documentation for header_access and header_replace for further details.
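As a hedged sketch of the two directives just mentioned (Squid 2.x syntax; the replacement string is an arbitrary example, not a recommended value):

```
# squid.conf -- illustrative use of header_access / header_replace (Squid 2.x)
header_access User-Agent deny all                  # strip the browser's identification
header_access Referer deny all                     # strip the referring-page header
header_replace User-Agent Mozilla/5.0 (generic)    # send a generic value for denied headers
```

header_replace supplies a substitute value for headers that header_access has denied, so the two directives are used together.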

Reverse proxy

The set-up described above, caching the contents of an unlimited number of web servers for a limited number of clients, is the classical one. Another set-up is the "reverse proxy" or "webserver acceleration" mode (using httpd_accel_host). In this set-up, the cache serves an unlimited number of clients for a limited number of web servers, or for just one.

Suppose slow.example.com is a "real" web server, and www.example.com is a Squid cache server that "accelerates" it. The first time a page is requested from www.example.com, the cache server fetches the actual page from slow.example.com; for a configurable period afterwards (an hour, a day, a year), every subsequent request receives the stored copy directly from the accelerator. The end result, without any action by the clients, is less traffic to the source server, meaning less CPU and memory usage, and less need for bandwidth. It does, however, mean that the source server cannot accurately report its traffic numbers from its own logs.
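Using the host names above, an accelerator could be configured along these lines. This is a hedged sketch in the Squid 2.5-era syntax to which httpd_accel_host belongs; the directive values are illustrative:

```
# squid.conf -- illustrative accelerator set-up for slow.example.com (Squid 2.5-era syntax)
http_port 80                        # listen where clients expect the web server
httpd_accel_host slow.example.com   # the origin ("real") server to accelerate
httpd_accel_port 80                 # the origin server's port
httpd_accel_single_host on          # forward all requests to that single origin
httpd_accel_with_proxy off          # act as an accelerator only, not a general proxy
```

Setting httpd_accel_with_proxy on instead would let the same Squid instance serve as both a normal and a reverse proxy, as noted below.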

It is possible for a single Squid server to serve both as a normal and a reverse proxy simultaneously.

Compatibility

Squid runs on most Unix-like operating systems.

Recent versions of Squid will also compile and run on Windows NT.

As of July 2006, the current stable version is 2.6; there is also a 3.0 version in development.

References

  1. ^ Squid Sponsors. Retrieved on February 13, 2007. “The NSF was the primary funding source for Squid development from 1996-2000. Two grants (#NCR-9616602, #NCR-9521745) received through the Advanced Networking Infrastructure and Research (ANIR) Division were administered by the University of California San Diego”
  2. ^ Squid FAQ: About Squid. Retrieved on February 13, 2007.
