Set Up Squid Siblings On CentOS 6.3 With WCCP
This tutorial will walk you through setting up a couple of outbound Squid proxy sibling servers running on CentOS 6.3 and have them connected to your gateway using WCCP. This will not cover the tuning of Squid in terms of cache performance.
1. Prerequisites
You have a Cisco gateway that supports WCCP.
2. Preliminary notes
- The dns domain in this will be example.com
- Server 1 is named proxy1.example.com with an IP of 192.168.88.2
- Server 2 is named proxy2.example.com with an IP of 192.168.88.3
- Local DNS with an address of 192.168.88.4
- The Gateway address is 192.168.88.254
- The install media used is CentOS 6.3 minimal
3. CentOS setup
First off we need to install CentOS to both servers. Configure the drive(s) anyway you like just as long as you leave enough free space for Squid to run properly.
Once the minimal install is complete configure network connectivity on both servers.
proxy1.example.com
vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=”eth0” BOOTPROTO=”none” ONBOOT=”yes” IPADDR=”192.168.88.2” NETMASK=”255.255.255.0” GATEWAY=”192.168.88.254”
proxy2.example.com
vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=”eth0” BOOTPROTO=”none” ONBOOT=”yes” IPADDR=”192.168.88.3” NETMASK=”255.255.255.0” GATEWAY=”192.168.88.254”
Both servers
vi /etc/resolv.conf
domain example.com search example.com nameserver 192.168.88.4
If you are not running a local DNS server or you cannot register your server addresses then you will need to program the hosts file on each server. If you can register the server eth0 addresses with the DNS, do it now and skip coding the hosts file.
/etc/hosts
127.0.0.1 localhost 192.168.88.2 proxy1.example.com 192.168.88.3 proxy2.example.com
Next get your system current
yum update
And install the basic packages that will be used.
yum install nano squid
I use nano as the primary text editor from this point forth, but you can use whichever particular text editor is your preferred editor.
4. Squid setup
Now that we have the basic servers setup, updated, and have our software installed lets get our Squid siblings talking and ready to take some traffic. Start with the squid.conf file
nano /etc/squid/squid.conf
#Set ACL for Squid siblings acl squidPeers 192.168.88.2/32 acl squidPeers 192.168.88.3/32 http 3128 transparent wccp2_router 192.168.88.254 wccp_version 4 wccp2_service standard 0 #Set WCCP to use GRE wccp2_forwarding_method 1 wccp2_return_method 1 #ICP options icp_port 3130 icp_access allow squidPeers #Set Squid siblings cache_peersibling 3128 3130 proxy-only
Replace
cache_peer proxy2.example.com sibling 3128 3130 proxy-only