Squid cluster for CDN full-network acceleration configuration sharing

The main server group, and then uses Squid to reverse cache port web80 to accelerate your website. portal websites such as 163, sina, and chinaitlab are basically using this technology. The advantage is that. for example, it accelerates the network and protects against hackers (because they see CDN hosts)
This is an application that uses the Squid reverse cluster mode.

Network Environment:

Master server group: source Web server group located in public ip: 220. XXX. XXX. X port: 80 (the backend is the WEB server)

Note: ensure that TCP80 and UDP3130 are enabled on the firewall (for icp_port communications, multiple Squid clusters will be used)

Sub-servers across the country: Server A's public network IP111.xxx. xxx. x

Server B public network ip112.xxx. xxx. x

Note: ensure that TCP80 and UDP3130 are enabled on the firewall (for icp_port communications, multiple Squid clusters will be used)

........................
Problems to be Solved:

All users throughout the country, whether Telecom or China Netcom, can access websites at a high speed.

Implementation

1. Install Squid on the master server group and three servers distributed across the country. If the Squid is not installed, close this page.

2. Configure Squid separately. Here, only the key points of Squid cluster configuration are described.

Configure Squid for the master server group:

Http_port 220. XXX. XXX. X: 80 vhost vport # Let Squid listen to port 80 of the local ip Address

Icp_port 3130 # use of multiple squids for communication

Cache_peer "intranet web server address" parent 80 0 no-query originserver no-digest name = cache0 # Set the ip address and port of the source Web server group

Cache_peer 220. XXX. XXX. X sibling 80 3130 name = cache1 # Let the remote squid connect to the local Squid in sibling mode and specify its port

Cache_peer 111. xxx. xxx. x sibling 80 3130 name = cache2 # server

Cache_peer 112. xxx. xxx. x sibling 80 3130 name = cache3 # server B

Cache_peer_domain cache0 www.php-oa.com # configure the domain name that the local squid allows access

Acl Safe_ports port 80

Acl Safe_ports port 3130 # Allow the proxy of the above port

Configurations of server Squid across China:

Server:

Http_port 111. xxx. xxx. x: 80 vhost vport

Icp_port 3130

Cache_peer 220. xxx. xxx. x parent 81 0 no-query originserver no-digest name = cache0 # Set the master server group Web server as the source server

Cache_peer 111. xxx. xxx. x sibling 80 3130 name = cache1

Cache_peer 220. xxx. xxx. x sibling 80 3130 name = cache2

Cache_peer 112. xxx. xxx. x sibling 80 3130 name = cache3

Cache_peer_domain cache0 www.php-oa.com

Acl Safe_ports port 80

Acl Safe_ports port 3130

Server B:

Http_port 112. xxx. xxx. x: 80 vhost vport

Icp_port 3130

Cache_peer 220. xxx. xxx. x parent 80 0 no-query originserver no-digest name = cache0

Cache_peer 112. xxx. xxx. x sibling 80 3130 name = cache1

Cache_peer 220. xxx. xxx. x sibling 80 3130 name = cache2

Cache_peer 111. xxx. xxx. x sibling 80 3130 name = cache3

Cache_peer_domain cache0 www.php-oa.com

Acl Safe_ports port 80

Acl Safe_ports port 3130
Even though the configuration is complete, how can we allow Telecom and China Netcom users to access two different images? Please check the relevant information, do not apply to the https://www.dnspod.com dual-line, China Telecom Netcom forwarding service

Note: The following describes the cache_peer parameters.

Use the cache_peer option in the squid. conf configuration file to configure the proxy server array
Other options are used to control the method of selecting proxy partners. The format of Cache_peer is as follows:
Cache_peer hostname type http_port icp_port
You can configure five options in total:
1. hostname: the requested Sub-proxy server or parent proxy server. It can be expressed by the host name or IP address;
2. type: Specifies the hostname type, whether it is a child proxy server of the same level or a parent proxy server, that is, parent (parent) or sibling (child );
3. http_port: Listener port of hostname;
4. icp_port: indicates the ICP listening port on the hostname. If you do not support the ICP Protocol, you can specify 7;
5. options: it can contain one or more keywords.
Options may have the following keywords:
1. proxy-only: indicates that the data obtained from the peer is not cached locally. By default, squid is used to cache the data;
2. weight = n: When you have multiple peers, if more than one peer has the data you requested, squid determines the weight value by calculating the ICP response time of each peer, and then squid sends an ICP request to the peer with the largest weight. that is, the higher the weight value, the higher the priority. of course, you can also manually specify its weight value;
3. no-query: Do not send an ICP request to the peer. If the peer is unavailable, use this option;
4. Default: it is a bit like the default route in the route table. This peer will be used as the final means of trying. when you only have one parent proxy server and it does not support the ICP Protocol, you can use Default and
The no-query option sends all requests to the parent proxy server;
5. login = user: password: This option can be used for authentication when your parent proxy server requires user authentication.

Curl-I http://www.xxx.com