Squid反向代理

代理服务器的保存缓存提供给用户访问服务器资源。

正向代理是代理有用户访问网络的。

 

squid反向代理_第1张图片

49-1

1.cache server 的配置

面向用户的端口是 80

[root@server ~]# vim /etc/squid/squid.conf

637 http_access allow all

919 http_port 10.106.42.171:80 vhost

1181 #       #          hostname             type     port   port  options

1182 #       #          -------------------- -------- ----- -----  -----------

1185 cache_peer 192.168.2.2       parent    80    0    originserver

--指定父cache server

 

初始化缓存

--手工初始化缓存 或者直接启动第一次也回初始化缓存

[root@server ~]# squid --help

squid: invalid option -- -

Usage: squid [-hvzCDFNRYX] [-d level] [-s | -l facility] [-f config-file] [-u port] [-k signal]

       -d level  Write debugging to stderr also.

       -f file   Use given config-file instead of

                 /etc/squid/squid.conf

       -h        Print help message.

       -k reconfigure|rotate|shutdown|interrupt|kill|debug|check|parse

                 Parse configuration file, then send signal to

                 running copy (except -k parse) and exit.

       -s | -l facility

                 Enable logging to syslog.

       -u port   Specify ICP port number (default: 3130), disable with 0.

       -v        Print version.

       -z        Create swap directories

       -C        Do not catch fatal signals.

       -D        Disable initial DNS tests.

       -F        Don't serve any requests until store is rebuilt.

       -N        No daemon mode.

       -R        Do not set REUSEADDR on port.

       -S        Double-check swap during rebuild.

       -X        Force full debugging.

       -Y        Only return UDP_HIT or UDP_MISS_NOFETCH during fast reload.

[root@server ~]# squid -z

2011/10/10 17:43:42| Squid is already running!  Process ID 4374

[root@server ~]#

[root@server ~]# service squid restart

--不需要开启数据包转发的功能

 

2.web server 的配置

 

[root@web Server]# ifconfig eth0 192.168.2.2

[root@web Server]#

[root@web ~]# mount /dev/cdrom /mnt/cdrom

mount: block device /dev/cdrom is write-protected, mounting read-only

[root@web ~]# cd /mnt/cdrom/Server/

[root@web Server]# rpm -ivh httpd-

httpd-2.2.3-22.el5.i386.rpm         httpd-manual-2.2.3-22.el5.i386.rpm

httpd-devel-2.2.3-22.el5.i386.rpm  

[root@web Server]# rpm -ivh httpd-2.2.3-22.el5.i386.rpm

warning: httpd-2.2.3-22.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186

Preparing...                ########################################### [100%]

   1:httpd                  ########################################### [100%] [root@web Server]#

[root@web Server]# vim /var/www/html/index.html

squid cache server  test web!          

[root@web Server]# service httpd start

Starting httpd: httpd: apr_sockaddr_info_get() failed for client

httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName

                                                           [  OK  ]

[root@web Server]# links 127.0.0.1

                                                              http://127.0.0.1/

   squid cache server test web!                                                

        

3.压力测试

 

 [root@client ~]# ll

total 84

drwxr-xr-x 2 root root  4096 Oct  5 11:11 Desktop

-rw------- 1 root root  1495 Sep 15 17:49 anaconda-ks.cfg

-rw-r--r-- 1 root root 17033 Oct 11  2011 http_load-12mar2006.tar.gz

-rw-r--r-- 1 root root 38101 Sep 15 17:49 install.log

-rw-r--r-- 1 root root  3681 Sep 15 17:48 install.log.syslog

[root@client ~]# tar -zxvf http_load-12mar2006.tar.gz

http_load-12mar2006/

http_load-12mar2006/Makefile

http_load-12mar2006/README

http_load-12mar2006/http_load.1

http_load-12mar2006/http_load.c

http_load-12mar2006/make_test_files

http_load-12mar2006/port.h

http_load-12mar2006/timers.c

http_load-12mar2006/timers.h

http_load-12mar2006/version.h

http_load-12mar2006/FILES

[root@client ~]# cd http_load-12mar2006

[root@client http_load-12mar2006]# ll

total 92

-r--r--r-- 1 1544 80    97 Jul 15  2001 FILES

-rw-r--r-- 1 1544 80  1640 Jan  4  2002 Makefile

-rw-r--r-- 1 1544 80  1035 Mar 12  2006 README

-r--r--r-- 1 1544 80  5414 May 20  2005 http_load.1

-rw-r--r-- 1 1544 80 47168 Mar 12  2006 http_load.c

-r-xr-xr-x 1 1544 80  1178 Sep 13  2000 make_test_files

-r--r--r-- 1 1544 80  2274 Jun  4  2004 port.h

-r--r--r-- 1 1544 80  7389 May 20  2005 timers.c

-r--r--r-- 1 1544 80  3895 May 20  2005 timers.h

-rw-r--r-- 1 1544 80   153 Mar 12  2006 version.h

[root@client http_load-12mar2006]# make install

gcc -Wall -O    -c http_load.c

http_load.c: In function 'main':

http_load.c:413: warning: implicit declaration of function 'time'

http_load.c: In function 'handle_connect':

http_load.c:937: warning: pointer targets in passing argument 5 of 'getsockopt' differ in signedness

gcc -Wall -O    -c timers.c

gcc -Wall -O    http_load.o timers.o -s   -o http_load

rm -f /usr/local/bin/http_load

cp http_load /usr/local/bin

rm -f /usr/local/man/man1/http_load.1

cp http_load.1 /usr/local/man/man1

cp: cannot create regular file `/usr/local/man/man1': No such file or directory

make: *** [install] Error 1

编辑测试的文件:准备URL文件:文件格式是每行一个URLURL最好超过50100个测试效果比较好.文件格式

[root@client ~]# vim urltest.txt

http://10.106.42.171/index.html



 

 

[root@client http_load-12mar2006]# http_load

usage:  http_load [-checksum] [-throttle] [-proxy host:port] [-verbose] [-timeout secs] [-sip sip_file]

            -parallel N | -rate N [-jitter]

            -fetches N | -seconds N

            url_file

One start specifier, either -parallel or -rate, is required.

One end specifier, either -fetches or -seconds, is required.

[root@client http_load-12mar2006]# cd 

-parallel 简写-p :含义是并发的用户进程数。
-fetches
简写-f :含义是总计的访问次数
-rate   
简写-r:含义是每秒的访问频率
-seconds
简写-s :含义是总计的访问时间

 

"urltest.txt" [New] 1L, 30C written                          

 

[root@client ~]# http_load -p 20 -f 100 urltest.txt

100 fetches, 20 max parallel, 3000 bytes, in 0.112525 seconds

30 mean bytes/connection

888.691 fetches/sec, 26660.7 bytes/sec

msecs/connect: 2.99549 mean, 9.898 max, 0.318 min

msecs/first-response: 15.6888 mean, 26.967 max, 5.058 min

HTTP response codes:

  code 200 -- 100

[root@client ~]# http_load -p 20 -f 100 urltest.txt

100 fetches, 20 max parallel, 3000 bytes, in 0.119666 seconds

30 mean bytes/connection

835.659 fetches/sec, 25069.8 bytes/sec

msecs/connect: 5.73962 mean, 15.986 max, 0.602 min

msecs/first-response: 13.709 mean, 33.941 max, 5.871 min

HTTP response codes:

  code 200 -- 100

[root@client ~]#       

 

 

不用cache server访问压力测试

[root@server ~]# vim /etc/sysctl.conf

net.ipv4.ip_forward = 1                    

[root@server ~]# sysctl -p   

[root@server ~]# service squid stop

Stopping squid:                                            [  OK  ]

[root@server ~]# service iptables start

Flushing firewall rules:                                   [  OK  ]

Setting chains to policy ACCEPT: filter                    [  OK  ]

Unloading iptables modules:                                [  OK  ]

[root@server ~]# iptables -t nat -A PREROUTING -d 10.106.42.171 -p tcp --dport 80 -j DNAT --to 192.168.2.2                   

 

[root@web~]route add default gw 192.168.2.1

 

 

[root@client ~]# links http://10.106.42.171

                                                          http://10.106.42.171/

   squid cache server test web!                                                

                                                                               

                                                                              

OK                                                                     [------]

[root@client ~]#

[root@client ~]# http_load -p 20 -f 100 urltest.txt

100 fetches, 20 max parallel, 3000 bytes, in 0.246648 seconds

30 mean bytes/connection

405.436 fetches/sec, 12163.1 bytes/sec

msecs/connect: 18.0242 mean, 97.304 max, 2.21 min

msecs/first-response: 21.9964 mean, 97.304 max, 3.219 min

HTTP response codes:

  code 200 -- 100

[root@client ~]# http_load -p 20 -f 100 urltest.txt

100 fetches, 20 max parallel, 3000 bytes, in 0.316376 seconds

30 mean bytes/connection

316.08 fetches/sec, 9482.39 bytes/sec

msecs/connect: 27.401 mean, 64.675 max, 4.463 min

msecs/first-response: 28.0475 mean, 62.881 max, 2.972 min

HTTP response codes:

  code 200 -- 100

[root@client ~]#