Set Up Squid Siblings On CentOS 6.3 With WCCP

This tutorial will walk you through setting up a couple of outbound Squid proxy sibling servers running on CentOS 6.3 and have them connected to your gateway using WCCP. This will not cover the tuning of Squid in terms of cache performance.

 if(typeof __ez_fad_position != ‘undefined’){__ez_fad_position(‘div-gpt-ad-howtoforge_com-medrectangle-3-0’)};

1. Prerequisites

You have a Cisco gateway that supports WCCP.

 

2. Preliminary notes

  • The dns domain in this will be example.com
  • Server 1 is named proxy1.example.com with an IP of 192.168.88.2
  • Server 2 is named proxy2.example.com with an IP of 192.168.88.3
  • Local DNS with an address of 192.168.88.4
  • The Gateway address is 192.168.88.254
  • The install media used is CentOS 6.3 minimal

    3. CentOS setup

    First off we need to install CentOS to both servers. Configure the drive(s) anyway you like just as long as you leave enough free space for Squid to run properly.

    Once the minimal install is complete configure network connectivity on both servers.

    proxy1.example.comif(typeof __ez_fad_position != ‘undefined’){__ez_fad_position(‘div-gpt-ad-howtoforge_com-medrectangle-4-0’)};

    vi /etc/sysconfig/network-scripts/ifcfg-eth0
    DEVICE=”eth0”
    BOOTPROTO=”none”
    ONBOOT=”yes”
    IPADDR=”192.168.88.2”
    NETMASK=”255.255.255.0”
    GATEWAY=”192.168.88.254”

    proxy2.example.com

    vi /etc/sysconfig/network-scripts/ifcfg-eth0
    DEVICE=”eth0”
    BOOTPROTO=”none”
    ONBOOT=”yes”
    IPADDR=”192.168.88.3”
    NETMASK=”255.255.255.0”
    GATEWAY=”192.168.88.254”

    Both servers

    vi /etc/resolv.conf
    domain example.com
    search example.com
    nameserver 192.168.88.4

    If you are not running a local DNS server or you cannot register your server addresses then you will need to program the hosts file on each server. If you can register the server eth0 addresses with the DNS, do it now and skip coding the hosts file.

    /etc/hosts

    127.0.0.1 	localhost 
    192.168.88.2		proxy1.example.com
    192.168.88.3		proxy2.example.com

    Next get your system current

    yum update

    And install the basic packages that will be used.

    yum install nano squid

    I use nano as the primary text editor from this point forth, but you can use whichever particular text editor is your preferred editor.

     

    4. Squid setup

    Now that we have the basic servers setup, updated, and have our software installed lets get our Squid siblings talking and ready to take some traffic. Start with the squid.conf file

    nano /etc/squid/squid.conf
    #Set ACL for Squid siblings 
    acl squidPeers 192.168.88.2/32
    acl squidPeers 192.168.88.3/32
    http 3128 transparent
    wccp2_router 192.168.88.254
    wccp_version 4
    wccp2_service standard 0
    #Set WCCP to use GRE
    wccp2_forwarding_method 1
    wccp2_return_method 1
    #ICP options
    icp_port 3130
    icp_access allow squidPeers
    #Set Squid siblings
    cache_peer  sibling 3128 3130 proxy-only
    

    Replace with the appropriate entry. For example the line on proxy1.example.com would read:

    cache_peer proxy2.example.com sibling 3128 3130 proxy-only
    About the Author

    Leave a Reply