Web caching

[LoStMaTt]

So since my earlier thread about Squid didn't go down to well, maybe this one will get a better response.

What do you guys use at work for web caching? Basically our T1 is limited to 1.5 up/down and 90% of the traffic is HTTP. I want to cache web pages so that less bandwidth is used and web pages load faster.

How can I achieve this goal?

 

[Captain Colonoscopy]

I would setup a transparent web proxy with content filtering courtesy of endian or astaro. If that is too much then you can always setup a plain web proxy with no content filter with smoothwall or ipcop.

You could also setup a proxy with ISA server. If you're running SBS2003 you may already have it. If I remember correctly the Premium version includes ISA.

 

[axan]

whats wrong with using squid?

 

[LoStMaTt]

whats wrong with using squid?

Nothing is wrong with using squid. I just can't find a platform to run it on.

The other thing is, I MUST keep the Cisco router as the gateway. In other words I can't just set up Endian and run a double NAT. If there is a way to use Endian or IPCOP (preferably) in between the Cisco and the LAN that would be great.

Just let me know how to do it.

 

[axan]

well there is nothing out of the box that will do it for you, but you setup a basic linux distro like gentoo ( my choice) or ubuntu and install squid on it. If you need the proxy to be transparent you could set it up as a bridge between your network and the cisco router.

Heres something to get you started
http://gentoo-wiki.com/HOWTO_setup_a_transparent_caching_bridge
the gentoo wiki has bunch of howtos on squid and bridgin, if you have any specific questions i can try to help you out.

 

[LoStMaTt]

Is it hard to configure it so that SSL or HTTPS websites are not effected?

 

[Captain Colonoscopy]

nothing, I have just found it a lot easier to use squid when it's pre-configured on a linux-based firewall distro like ipcop. I'm not exactly a linux-guru.

 

[axan]

no it would be easy, you can only redirect port 80 traffic and let everything else go straight to the router

 

[LoStMaTt]

Hmm I relaly appreciate the information axan.

The only problem now is my knowledge of IPTABLES and compiling kernels and configuring this or that in Linux is poor...I could probably make this work with 20-30 hours of time and effort...The company I work for can't afford any type of web caching appliance so I guess I will just have to lay this out to them.

I'll play with Gentoo over the next few months and see if I can get it going..Ugh.

 

[Captain Colonoscopy]

Could you turn off NAT on the Cisco firewall and let the endian/ipcop box handle everything? You can setup static nat translations on the linux box like on the Cisco router.