[squid-users] Squid as forward proxy far slow than Shadowsocks

Billy.Zheng (zw963) zw963 at 163.com
Sat Feb 27 18:45:21 UTC 2016 

Hi,  I had read some squid wiki about following info.

>> For example you might get faster traffic by moving from
> stunnel+Squid to a Squid with intercept >>  Squid with intercept,
>> ssl-bump and "ssl_bump splice all" in the latest Squid-3.5 releases.

My current case is, from china inner Intranet => Squid server in Japan
vps must use https encrypt to communication. otherwize, GFW will block
request automaticly and disconnect my home internet some minutes.

If not used with stunnel, does this need my firefox browser to sent
https encrypt content to squid directly?

What about if I want to download from a blocked url with wget
in my Terminal?

I am still have no clear understood about how to connect to 
ss-bump enabled squid forward proxy server.

Thanks very much.

Amos Jeffries writes:

> On 23/02/2016 6:41 a.m., Billy.Zheng (zw963) wrote:
>> and connect to server with shadowssocks android app, the speed is
>> improve a lot, I can access almost any website as i did in my laptop ,
>> and more faster.
>> 
>> I love squid, so I want to know why those big difference between those
>> two software.
>
> The main difference is protocol type. You are comparing SOCKS protocol
> with HTTP.
>
> SOCKS has more in common with NAT. A simple mapping of "packets with
> certain IP:port (all) go to router X:y". Processing this is extremely
> fast as all it requires is swapping ~12 bytes in each packet to new
> values and leaving it to be delivered to the new location.
>
> Squid is actually parsing and processing the TLS and HTTP(S) messages
> inside each packet stream - which have to be queued and buffered to get
> enough packet data for each message (messages being bigger than
> packets). All that work slows the traffic down and takes up machine
> resources, which further slows down how much traffic can be processed
> per second.
>
> Which one you need to use depends on your requirements. If its just
> getting the traffic from A to B, then SOCKS is as good or better than
> Squid. Proper routing rules would be even better.
>
> If you need to manage traffic based on anything in the HTTP messages
> themselves. Then Squid is the better tool despite the speed differences.
>
> You will find the same tradeoff between fine grained control and speed
> with any networking software or protocols. Even between different Squid
> configurations. For example you might get faster traffic by moving from
> stunnel+Squid to a Squid with intercept, ssl-bump and "ssl_bump splice
> all" in the latest Squid-3.5 releases.
>
>
> Amos
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-- 
Geek, Rubyist, Emacser
Homepage: http://zw963.github.io

More information about the squid-users mailing list