[squid-users] Cache Peers and traffic handling
Matus UHLAR - fantomas
uhlar at fantomas.sk
Wed Apr 14 08:50:52 UTC 2021
On 14.04.21 08:29, koshik moshik wrote:
>Thank you! Yes, it works fine with 5 peers. So, what would be the best
>solution to handle 5000 peers?
maybe not doing that?
why do you need so many peers?
if you really do, you apparently could set them up all as no-query to only
fetch cache digests, so each request to your squid doesn't get forwarded to
5000 neighbour proxies - that would cause huge traffic and slowdown
... I assume have digest_generation enabled.
>> On 4/10/21 5:03 PM, koshik moshik wrote:
>> > Down below you can find my squid.config(I deleted the other cache_peer
>> > lines):
>> >
>> > -----------
>> >
>> > http_port 3128
>> >
>> > dns_v4_first on
>> >
>> > acl SSL_ports port 1-65535
>> >
>> > acl Safe_ports port 1-65535
>> >
>> > acl CONNECT method CONNECT
>> >
>> > http_access deny !Safe_ports
>> >
>> > http_access deny CONNECT !SSL_ports
are you aware that Safe_ports and SSL_ports are designed to protect your
squid server from participating in DoS attacks and from DoS attacks against
your squid?
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fighting for peace is like fucking for virginity...
More information about the squid-users
mailing list