Home · TOC · Preface · Purchase · Errata · Extras · Reviews · Contact
Squid TDG cover
Web Caching cover

Comments from Readers

Reinhard Voglmaier, for unixreview.com (June 2004)

This book teaches how to install, configure, administer, and maintain one of the most popular proxy server caches, the Squid proxy and caching server. Like other successful servers (e.g., Apache, OpenLDAP, or Tomcat), Squid is open source and therefore available on many platforms. Duane Wessels not only has a sound background regarding networking, Web, and in particular Web caching, he is also the creator of Squid. So, who better than he to explain this software?

read full review

SLM from Virginia, via amazon.com (May 24, 2004)

Squid: The Definitive Guide by Duane Wessels is a great book for someone with aspirations of setting up and getting the most out of Squid. It is lengthy at just over 400 pages, but that is to be expected and desired in O'Reilly's "The Definitive Guide" series. One point worth mentioning is that Duane Wessels (the author, for those with short synaptic cycles) is the one who started Squid and still works on it today. Each chapter builds nicely on subsequent chapters, so there isn't any skipping around. If you're just looking to set it and forget it, this book is probably not for you. Otherwise, read on.

The first three chapters are pretty basic: history of Squid, downloading then installing. For those with no concern of going through downloading and installing, there is a nice section describing each configure switch and, while weighing in at a healthy 48 options, it may be helpful to have this as a reference.

Chapter Four, Configuration Guide For the Eager, is an often desired, but often left out chapter in technical books. By just reading chapters one through four, it is possible to have a fully functional setup of Squid, albeit not very secure or ready for the pounding of the masses. You will, however, begin to understand how Squid operates. This chapter discusses the most often used settings, such as: minimum/maximum size of cached objects, log files and ACLs to restrict addresses, etc.

Chapter Five, Running Squid, covers what you expect. It includes such topics as, boot scripts, chrooting and rotating log files. Again, basic stuff, but necessary for the sake of completeness.

Chapter Six, All About Access Controls, covers one of Squid's major powers and attractions, access controls. ACLs give the administrator extremely fine-grained tuning. Some of the choice highlights for limiting access to addresses/domains include, but not limited to: filter by subnet, MAC, IP address or administrator assigned group. Furthermore, regular expressions can be used to filter URLs or URIs. A most likely seldom used, but very cool, feature is the ability to filter by BGP AS (Border Gateway Protocol Autonomous System) numbers. HTTP request methods such as POST, PUT, DELETE, etc. can also be filtered. Filtering by time or restricting access by user name is also supported. Each topic is assiduously explained and leaves little to be desired.

Chapters Seven and Eight cover disk caching with chapter Seven being basic material and then Eight covering more advanced topics. Discussions on object pruning, size limits, cache replacement policies and many other cache optimizations are covered in these chapters and are necessary to thoroughly understand if you are situated in a relatively large environment or just want to squeeze every bit of performance from your Squid.

Chapter Nine, Interception Caching, covers transparent proxying. This chapter discusses the benefits (no need to configure clients) and drawbacks (cannot do user authentication) of implementing such a system. It then goes on to discuss how to configure Alteon/Nortel, Foundry, Extreme Networks, Arrowpoint, iptables, pf and ipfw to perform the routing to the Squid box.

Chapter ten, Talking to other Squids

Scalability is another favorable attribute of Squid. Running in parallel with previous chapters, this chapter details the advantages (load balancing and increasing your cache hits) and the disadvantages (security problems with having to trust neighboring Squids) of a caching hierarchy. In addition, it explains how to configure connect timeouts and other tweaks to keep Squids aware of when their siblings are down.

Chapter eleven, Redirectors, covers another great attribute of Squid. Redirectors can be used, among other possibilities, to remove advertisements in web pages or rewrite client requests based on their given URL or URI. This chapter details how they work, from a protocol level, and provides example configuration settings such as sending only specific users through the redirector or conversely, letting specific users bypass the redirector altogether.

Squid can be configured to use various user authentication methods to allow or deny access. Chapter Twelve, Authentication Helpers, covers these options. Squid can talk HTTP Basic, HTTP Digest and NTLM. Each type is well explained in how it works and detailed in how to setup.

Chapter Thirteen and Fourteen fully explain logging and monitoring. The logging chapter explains the type of information each log file catches, a full description of each error or information type (which is a great reference that I made full use of) and configuration directives that change what is logged or how it is logged. Monitoring Squid covers the Squid Cache Manger (A web front-end to many great statistics), a brief mention of using Squid-RRD and using SNMP. Such monitoring statistics include, file descriptor allocation, byte hit ratios, cache hits and cache misses and a wealth of other useful information.

Chapter Fifteen, Server Accelerator Mode, explains Server Accelerator Mode, which is also known as Surrogate Mode. It is a neat trick where Squid stills runs as a proxy, however, the Squid server is proxying the world (or a select few) to your server. One obvious advantage includes performance (or Slashdot hardening if you will). There are several config directives explained here as well as some gotchas.

Chapter Sixteen, Debugging, is the is one of the few chapters that I did not need to reference. Although, if you need to, there is some good information provided.

Appendix A comes with a config file reference that actually provides more information then the comments in the configuration file (Holy moley!...they better trademark that idea before other authors catch on!).

Appendix B briefly covers memory caching and optimization.

Appendix C shows how to use delay pools to limit user bandwidth.

Appendix D details file system performance benchmarks to show you filesystem and operating system differences.

Appendix E discusses running Squid on Windows using Cygwin.

Appendix F covers auto configuration of Squid clients to avoid needing to physically visit the many machines you administer.

In conclusion:

Pros: This is "The Book" for Squid. No skipping from chapter to chapter, the author was also the designer and still one of the maintainers, fuller descriptions of the configuration file directives that the configuration file comments. It is a great reference.

Cons: Really the only thing that I didn't like was that he only discussed HTTP proxying. There is a brief mention of FTP and SMTP, but only a couple of sentences. To be fair, in the preface he did mention that he would would of liked to written on these topics but didn't have time.

Alexios Zavras, private email (March 9, 2004)

I got the squidbook yesterday, and, from glancing at random pages, it looks like you've produced another great book! (I consider Web Caching one of the best O'Reilly books). The combination of interesting content and your excellent writing style is remarkable. Congratulations on a job (very) well done!

Paul Sagun, private email (March 8, 2004)

I just got my first squid book from Oreilly yesterday and it seems the book offers more technical details than the first book you have in Web Caching. I have been using squid for decades and this book answer a lot =) I really appreciate your humility approach in writing the book and aside from very informative structure.

Congratulations and a job well done.

A reader from Chicago, via amazon.com (March 2, 2004)

Back in 1998 when I was running my own ISP, Squid was a lifesaver because it allowed me to provide excellent web response to customers over a very modest upstream connection.

When I moved on to consulting Squid was the answer to a wide variety of client problems from employee Internet access control (Redirectors) to company website performance (Server Accelerator Mode) to plain old web page load times (Proxy Cache).

Now that I've moved in-house in a large corporation (30,000+ employees) and I've found out what commercial vendors are charging for their solutions to each of these problems, I have gladly used my knowledge of Squid to save us money.

Of course, that knowledge was not easily won, at least not for me. Because Squid was an open source project there was a lot of information available on the Web, but, of course, because Squid was an open source project, it was hard to find a definitive answer to my particular problem without asking a lot of dumb questions on newsgroups or making a lot of trial and error attempts tweaking compile time options, system changes and configuration file settings.

I have waited for this book for a long time.

I was concerned that it might be too detailed to be readable. Thankfully, Duane Wessels, the primary architect of Squid , has laid out this book to provide simple access at the Macro level. The chapter arrangement and organization are very intuitive. And yet the book still contains enough information to satisfy almost every question.

The one caveat I would make to a reader is to maintain situational awareness while delving into a chapter because, without noticing it, you can suddenly be confronted with pages and pages of configuration file details. There's no avoiding it, when a book says 'Definitive Guide' on the cover you expect to have full coverage. It's just that the book is so lucidly written that the transition from high-level discussions to detailed facts might catch you un-aware.

And, really, it's that kind of feeling that lets you know that you're reading a very valuable text. I spent the first hour after I got this book skimming each chapter, happy at each additional topic I discovered. Then I went back and asked it the two hardest questions I have faced using Squid over the past year, in each case the answer was easily found and fully explained (Mr. Wessels deserves an award for making transparent proxying understandable).

The wait for this book was well worth it. I highly recommend it to any person working with, or thinking about working with, Squid.

Eric Kahklen, via the squid-users list (February 20, 2004)

I got my copy the other day!! So far I am quite happy with the book!! Great purchase.