Set Up Squid Siblings On CentOS 6.3 With WCCP

This tutorial will walk you through setting up a couple of outbound Squid proxy sibling servers running on CentOS 6.3 and have them connected to your gateway using WCCP. This will not cover the tuning of Squid in terms of cache performance.

 

1. Prerequisites

You have a Cisco gateway that supports WCCP.

 

2. Preliminary notes

  • The dns domain in this will be example.com
  • Server 1 is named proxy1.example.com with an IP of 192.168.88.2
  • Server 2 is named proxy2.example.com with an IP of 192.168.88.3
  • Local DNS with an address of 192.168.88.4
  • The Gateway address is 192.168.88.254
  • The install media used is CentOS 6.3 minimal


3. CentOS setup

First off we need to install CentOS to both servers. Configure the drive(s) anyway you like just as long as you leave enough free space for Squid to run properly.

Once the minimal install is complete configure network connectivity on both servers.

proxy1.example.com

vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=”eth0”
BOOTPROTO=”none”
ONBOOT=”yes”
IPADDR=”192.168.88.2”
NETMASK=”255.255.255.0”
GATEWAY=”192.168.88.254”

proxy2.example.com

vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=”eth0”
BOOTPROTO=”none”
ONBOOT=”yes”
IPADDR=”192.168.88.3”
NETMASK=”255.255.255.0”
GATEWAY=”192.168.88.254”

Both servers

vi /etc/resolv.conf
domain example.com
search example.com
nameserver 192.168.88.4

If you are not running a local DNS server or you cannot register your server addresses then you will need to program the hosts file on each server. If you can register the server eth0 addresses with the DNS, do it now and skip coding the hosts file.

/etc/hosts

127.0.0.1 	localhost 
192.168.88.2		proxy1.example.com
192.168.88.3		proxy2.example.com

Next get your system current

yum update

And install the basic packages that will be used.

yum install nano squid

I use nano as the primary text editor from this point forth, but you can use whichever particular text editor is your preferred editor.

 

4. Squid setup

Now that we have the basic servers setup, updated, and have our software installed lets get our Squid siblings talking and ready to take some traffic. Start with the squid.conf file

nano /etc/squid/squid.conf
#Set ACL for Squid siblings 
acl squidPeers 192.168.88.2/32
acl squidPeers 192.168.88.3/32
http 3128 transparent
wccp2_router 192.168.88.254
wccp_version 4
wccp2_service standard 0
#Set WCCP to use GRE
wccp2_forwarding_method 1
wccp2_return_method 1
#ICP options
icp_port 3130
icp_access allow squidPeers
#Set Squid siblings
cache_peer  sibling 3128 3130 proxy-only

Replace with the appropriate entry. For example the line on proxy1.example.com would read:

cache_peer proxy2.example.com sibling 3128 3130 proxy-only
Share this page:

0 Comment(s)