- Series: Definitive Guides
- Paperback: 472 pages
- Publisher: O'Reilly Media; 1st edition (January 1, 2004)
- Language: English
- ISBN-10: 0596001622
- ISBN-13: 978-0596001629
- Product Dimensions: 7 x 1 x 9.2 inches
- Shipping Weight: 1.6 pounds (View shipping rates and policies)
- Average Customer Review: 4.5 out of 5 stars See all reviews (11 customer reviews)
- Amazon Best Sellers Rank: #841,922 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Squid: The Definitive Guide 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
Prepare for your professional certification with study guides and exam prep tools from Wiley. See more
Frequently bought together
Customers who bought this item also bought
About the Author
Duane Wessels became interested in web caching in 1994 as a topic for his master's thesis in telecommunications at the University of Colorado, Boulder. He worked with members of the Harvest research project to develop web caching software. After the departure of other members to industry jobs, he continued the software development under the name Squid. Another significant part of Duane's research with the National Laboratory for Applied Network Research has been the operation of 6 to 8 large caches throughout the U.S. These caches receive requests from hundreds of other caches, all connected in a "global cache mesh."
If you are a seller for this product, would you like to suggest updates through seller support?
Top Customer Reviews
When I moved on to consulting Squid was the answer to a wide variety of client problems from employee Internet access control (Redirectors) to company website performance (Server Accelerator Mode) to plain old web page load times (Proxy Cache).
Now that I've moved in-house in a large corporation (30,000+ employees) and I've found out what commercial vendors are charging for their solutions to each of these problems, I have gladly used my knowledge of Squid to save us money.
Of course, that knowledge was not easily won, at least not for me. Because Squid was an open source project there was a lot of information available on the Web, but, of course, because Squid was an open source project, it was hard to find a definitive answer to my particular problem without asking a lot of dumb questions on newsgroups or making a lot of trial and error attempts tweaking compile time options, system changes and configuration file settings.
I have waited for this book for a long time.
I was concerned that it might be too detailed to be readable. Thankfully, Duane Wessels, the primary architect of Squid , has laid out this book to provide simple access at the Macro level. The chapter arrangement and organization are very intuitive. And yet the book still contains enough information to satisfy almost every question.
The one caveat I would make to a reader is to maintain situational awareness while delving into a chapter because, without noticing it, you can suddenly be confronted with pages and pages of configuration file details. There's no avoiding it, when a book says `Definitive Guide' on the cover you expect to have full coverage. It's just that the book is so lucidly written that the transition from high-level discussions to detailed facts might catch you un-aware.
And, really, it's that kind of feeling that lets you know that you're reading a very valuable text. I spent the first hour after I got this book skimming each chapter, happy at each additional topic I discovered. Then I went back and asked it the two hardest questions I have faced using Squid over the past year, in each case the answer was easily found and fully explained (Mr. Wessels deserves an award for making transparent proxying understandable).
The wait for this book was well worth it. I highly recommend it to any person working with, or thinking about working with, Squid.
The first three chapters are pretty basic: history of Squid, downloading then installing. For those with no concern of going through downloading and installing, there is a nice section describing each configure switch and, while weighing in at a healthy 48 options, it may be helpful to have this as a reference.
Chapter Four, Configuration Guide For the Eager, is an often desired, but often left out chapter in technical books. By just reading chapters one through four, it is possible to have a fully functional setup of Squid, albeit not very secure or ready for the pounding of the masses. You will, however, begin to understand how Squid operates. This chapter discusses the most often used settings, such as: minimum/maximum size of cached objects, log files and ACLs to restrict addresses, etc.
Chapter Five, Running Squid, covers what you expect. It includes such topics as, boot scripts, chrooting and rotating log files. Again, basic stuff, but necessary for the sake of completeness.
Chapter Six, All About Access Controls, covers one of Squid's major powers and attractions, access controls. ACLs give the administrator extremely fine-grained tuning. Some of the choice highlights for limiting access to addresses/domains include, but not limited to: filter by subnet, MAC, IP address or administrator assigned group. Furthermore, regular expressions can be used to filter URLs or URIs. A most likely seldom used, but very cool, feature is the ability to filter by BGP AS (Border Gateway Protocol Autonomous System) numbers. HTTP request methods such as POST, PUT, DELETE, etc. can also be filtered. Filtering by time or restricting access by user name is also supported. Each topic is assiduously explained and leaves little to be desired.
Chapters Seven and Eight cover disk caching with chapter Seven being basic material and then Eight covering more advanced topics. Discussions on object pruning, size limits, cache replacement policies and many other cache optimizations are covered in these chapters and are necessary to thoroughly understand if you are situated in a relatively large environment or just want to squeeze every bit of performance from your Squid.
Chapter Nine, Interception Caching, covers transparent proxying. This chapter discusses the benefits (no need to configure clients) and drawbacks (cannot do user authentication) of implementing such a system. It then goes on to discuss how to configure Alteon/Nortel, Foundry, Extreme Networks, Arrowpoint, iptables, pf and ipfw to perform the routing to the Squid box.
Chapter ten, Talking to other Squids
Scalability is another favorable attribute of Squid. Running in parallel with previous chapters, this chapter details the advantages (load balancing and increasing your cache hits) and the disadvantages (security problems with having to trust neighboring Squids) of a caching hierarchy. In addition, it explains how to configure connect timeouts and other tweaks to keep Squids aware of when their siblings are down.
Chapter eleven, Redirectors, covers another great attribute of Squid. Redirectors can be used, among other possibilities, to remove advertisements in web pages or rewrite client requests based on their given URL or URI. This chapter details how they work, from a protocol level, and provides example configuration settings such as sending only specific users through the redirector or conversely, letting specific users bypass the redirector altogether.
Squid can be configured to use various user authentication methods to allow or deny access. Chapter Twelve, Authentication Helpers, covers these options. Squid can talk HTTP Basic, HTTP Digest and NTLM. Each type is well explained in how it works and detailed in how to setup.
Chapter Thirteen and Fourteen fully explain logging and monitoring. The logging chapter explains the type of information each log file catches, a full description of each error or information type (which is a great reference that I made full use of) and configuration directives that change what is logged or how it is logged. Monitoring Squid covers the Squid Cache Manger (A web front-end to many great statistics), a brief mention of using Squid-RRD and using SNMP. Such monitoring statistics include, file descriptor allocation, byte hit ratios, cache hits and cache misses and a wealth of other useful information.
Chapter Fifteen, Server Accelerator Mode, explains Server Accelerator Mode, which is also known as Surrogate Mode. It is a neat trick where Squid stills runs as a proxy, however, the Squid server is proxying the world (or a select few) to your server. One obvious advantage includes performance (or Slashdot hardening if you will). There are several config directives explained here as well as some gotchas.
Chapter Sixteen, Debugging, is the is one of the few chapters that I did not need to reference. Although, if you need to, there is some good information provided.
Appendix A comes with a config file reference that actually provides more information then the comments in the configuration file (Holy moley!...they better trademark that idea before other authors catch on!).
Appendix B briefly covers memory caching and optimization.
Appendix C shows how to use delay pools to limit user bandwidth.
Appendix D details file system performance benchmarks to show you filesystem and operating system differences.
Appendix E discusses running Squid on Windows using Cygwin.
Appendix F covers auto configuration of Squid clients to avoid needing to physically visit the many machines you administer.
Pros: This is "The Book" for Squid. No skipping from chapter to chapter, the author was also the designer and still one of the maintainers, fuller descriptions of the configuration file directives that the configuration file comments. It is a great reference.
Cons: Really the only thing that I didn't like was that he only discussed HTTP proxying. There is a brief mention of FTP and SMTP, but only a couple of sentences. To be fair, in the preface he did mention that he would would of liked to written on these topics but didn't have time.
My previous experience with proxies was MS proxy server 2.0 and I was a little apprehensive of this project; not to worry. Forty six pages into the book, squid was running; total time invested including installation of the program was about 2 hrs.
Another two hours of reading and precious few changes to config files and my log files are rotating, all ports I need exposed are open and the rest are hidden. I have already been able to tune squid to accelerate delivery of content using *only* this book as a guide. I haven't even had to look at the online documentation for squid (the first time I ever recall that happening).
Not only is my internet connection now available to all users, but also every one is browsing faster than they were before on single dedicated dial ups.
I can't say enough good things about the book or the program. In 14 years of networking I have seen the good, the bad and the ugly. This is one of those rare guides whose author is extremely knowlegable and the material presentation is flawless. I have a large computer science library and in my experience, it doesn't get any better than this.
Bravo Mr. Wessels!
Most Recent Customer Reviews
Many directives, and many fun cases where squid can be used are...Read more