OpenWrt Forum Archive

Topic: SQUID on WNDR3700 (arokh build) - Transparent caching with 4GB USB key

The content of this topic has been archived on 11 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
Z3r0
26 Apr 2011, 03:10

Hi all,

Had to work this out myself yesterday so thought i'd post it, perhaps there's easier ways of doing this too.

There's no space on the root filesystem so everything has to be installed to the USB key.

First up, plug in the USB key to the router. You have to format it on the router to use it (or work out what permissions to change).

1.) In luci, go to system, mount points, add a new device, /dev/sda1 with /mnt/sda with fs ext4 and of course tick run filesystem check on mount.

2.) ssh root@routerip,

3.)  mkfs.ext4 /dev/sda1 to reformat the USB key to ext4.

2a.) might need to mount /dev/sda1 /mnt/sda

3.) vi /etc/opkg.conf, we want to be able to install squid to the usb key as there's no space on the root filesystem.
        add the following
        dest usb /mnt/sda

4.) optionally download the squid and libopenssl packages from trunk here to the usb key in /mnt/sda using wget
     syntax: wget "package url"

4.) Install squid: opkg -d usb install squidfilename libopensslfilename

5.) To execute squid type:
     LD_LIBRARY_PATH=.:/mnt/sda/usr/lib /mnt/sda/usr/sbin/squid -f /mnt/sda/etc/squid/squid.conf

    Essentially, we are telling squid to find the libopenssl library and also the squid config file.

    This squid execute will fail because the squid.conf has invalid paths.

    For diagnostics append -d 9   and maybe -X

6.) A lot of the path stuff in the squid config is pointing to / as the root directory, we need to use /mnt/sda, there's probably a cleaner way of doing this (define a variable? change a variable) BUT I dunno tongue so just change the following in
    /mnt/sda/etc/squid/squid.conf

http_port 3128 transparent
visible_hostname localhost

# use 3.5GB of the key
cache_dir ufs /mnt/sda/var/cache 3500 16 256

# Optional
maximum_object_size 32 MB

access_log /mnt/sda/var/logs/access.log squid
logfile_daemon /mnt/sda/usr/lib/squid/logfile-daemon
cache_log /mnt/sda/var/logs/cache.log
cache_store_log /mnt/sda/var/logs/store.log
mime_table /mnt/sda/etc/squid/mime.conf
pid_filename /mnt/sda/var/logs/squid.pid
diskd_program /mnt/sda/usr/lib/squid/diskd-daemon
unlinkd_program /mnt/sda/usr/lib/squid/unlinkd
pinger_program /mnt/sda/usr/lib/squid/pinger
icon_directory /mnt/sda/usr/share/squid/icons

#optional
pipeline_prefetch on

7.) Initialise squid swap by executing the command at 5.) with -z

8.) Create the /mnt/sda/var/cache folder and /mnt/sda/var/logs folders

9.) Apply permissions to these folders so that squid can use them, I think it's:
           chown nobody:nogroup /mnt/sda/var/cache
           chown nobody:nogroup /mnt/sda/var/logs

10.) Install the kmod-nat-extra and iptables-nat-extra packages to get iptables REDIRECT (ipt_REDIRECT.ko) kernel module and iptables support, you should have room on your root fs for these.

11.) Once you confirm the cache is working at port 3128 then on the shell type:

    iptables -t nat -A PREROUTING -p tcp -i br-lan --dport 80 -j REDIRECT --to-port 3128

    will redirect all port 80 requests transparently to the squid cache at 3128


12.) Add this to your rc.local to get it to work at each bootup

   LD_LIBRARY_PATH=.:/mnt/sda/usr/lib /mnt/sda/usr/sbin/squid -f /mnt/sda/etc/squid/squid.conf

13.) Add this to the firewall.user NOT rc.local

   ### you can optionally put this in your luci config or firewall.user
   iptables -t nat -A PREROUTING -p tcp -i br-lan --dport 80 -j REDIRECT --to-port 3128

   This will now execute on each firewall restart (system bootup).

14.) To see the squid cache working, type "df" to see how much free space is on the usb key and watch it fill up as you visit websites smile


Notes: Edited Step 12 and split into Step 12/13 as firewall rules need to be in firewall.user

Additional notes on performance:
Speed wise, I used hdparm and the cached reads are 124MB/s, buffered read speed was 23.4MB/s, I wrote 100MB to the key and it took 24s (4.1MB/s). There's apparently a way to double USB write speeds by aligning the partitions correctly with the usb stick memory. Here's the link: http://linux-howto-guide.blogspot.com/2 … speed.html

I haven't got time to work out how to align the sectors properly, i've tried this but didn't see any difference...

fdisk -H 32 -S 8 -cu /dev/sdc
n 1 (create a drive)
x (extended options)
b (move the beginning of the partition) << may need to move it to align with the first 128KB write block. Mine is set to 2048.

mkfs.ext4 -E stripe-width=128 -b 4096 -J size=32 -m 0 -i 8192 /dev/sdc1

Stripe width of 32 apparently increases small file performance.

(Last edited by Z3r0 on 29 Apr 2011, 02:12)

Post #2
Z3r0
3 May 2011, 05:27

A note for anyone thinking of doing this...

Install the squid cache manager, you can then see cache stats at:

http://routerip/cgi-bin/cachemgr.cgi

I didn't get very good statistics, there's not enough computers on my network for any caching advantage it seems (1 PC, 2 laptops, 2 phones), it seems the browser caches are very good and I didn't get any advantage with the mobile devices I use.

firefox stats: about:cache in address bar

It's also not possible to cache youtube (afaik), windows updates, apt-get hits didn't work and so on.


I also had problems because some genius decided to set up an SMTP server on port 80 and I couldn't find an easy way to pass SMTP through the squid cache untouched. The only way I found was to use iptables to ACCEPT at nat prerouting stage for anything destined to the SMTP servers IP, thus avoiding the squid cache. It still didn't do the job perfectly (don't know why / don't have time or inclination to play around with it).

(Last edited by Z3r0 on 3 May 2011, 05:29)

Post #3
jack.bauer
12 Jun 2011, 21:28

Hy I' am new here.

From the Freifunk-Community Leipzig Germany. Sorry for my bad english.

First of all thanks for the very good tutorial of installing squid. 100% work.

But some people wrote here, that there is no init-script to start squid after reboot.

I have written a simple init-script and it does the startup of squid on each reboot.

here is my way to succes.

1. create a file squid-launch in /etc/init.d

2. copy an paste the following code

#!/bin/sh /etc/rc.common
# Example script
# Copyright (C) 2007 OpenWrt.org

START=99
STOP=99
 
  start() {       
          echo start
          # commands to launch application - PLEASE DO YOUR PATH IN HERE
          # this is my PATH - different from the tutorial above
          squid
          }                 
                   
  stop() {         
         echo stop
         # commands to kill application -  PLEASE DO YOUR PATH IN HERE
         # this is my PATH - different from the tutorial above

         squid -k shutdown
         }

3. save it and give the new file /etc/init.d/squid-launch new rights with:

Code:

chmod +x /etc/init.d/squid-launch

4. enable the script for starting up at every boot with:

Code:

/etc/init.d/squid-launch enable

5. reboot the box

PLEASE WAIT FOR ABOUT 5MIN's! Because the script will be start after all other scripts are startet. this is better and you are sure that all nessecary things for squid are enabled
and are running.

This works for me, very good.

Hope it helps.

Your Federal Agent Jack Bauer

------------------------------------

Visit us: http://leipzig.freifunk.net and www.freifunk.net

(Last edited by jack.bauer on 12 Jun 2011, 21:32)

The discussion might have continued from here.