External Squid Box with No Limit Cache HIT Object ROS 2.

External Squid Box with No Limit Cache HIT Object ROS 2.9
Introduction
This page will tak about how to bypass Squid Cache HIT object with Queues Tree in RouterOS 2.9 . Its mean you can download cache HIT object with maximum speed. This feature introduce in RouterOS 3.0 DSCP option but if you have External Squid Cache Box You can make possible in 2.9 with TOS, Mangle and Queue Tree Note : Please disable webproxy in mikrotik before implementing /ip web-proxy set enabled=no

Network Layout

Basic Setup
basic setting 2 network interface: [pokemon@home] > interface print # 0 1 NAME R public R lan TYPE ether1 ether2 RX-RATE 0 0 TX-RATE 0 0 MTU 1500 1500

IP Address for each interface: [pokeman@home] > /ip address print Flags: X - disabled, I - invalid, D - dynamic # ADDRESS NETWORK BROADCAST

INTERFACE

External Squid Box with No Limit Cache HIT Object ROS 2.9 0 1 192.168.0.2/24 172.16.1.1/24 192.168.0.0 192.168.0.255 public 172.16.1.0 172.21.1.255 lan

First you mark the cache object in mangle:

[pokeman@home] > /ip firewall mangle add chain=postrouting tos=48 action=mark-packet \ new-packet-mark=proxy-hit passthrough=no

Then Create Global Queue tree:

[pokeman@home] > /queue tree add name="pmark" parent=global-out packet-mark=proxy-hit \ limit-at=0 queue=default priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s

Linux Setup
Network Setting: eth0 Public ip e.g 111.222.222.222/29 eth1 Private ip e.g 192.168.0.1/24 Enable NAT with Transparent proxy: touch /etc/rc.d/rc.firewall vi /etc/rc.d/rc.firewall Paste Configuration:
!/bin/sh IPTABLES=/sbin/iptables $IPTABLES -F -t nat $IPTABLES -A POSTROUTING -t nat -o eth0 -j MASQUERADE $IPTABLES -t nat -A PREROUTING -s 192.168.0.0/24 -p tcp -m multiport --dports 80 -j REDIRECT --to-port 8080 echo 1 > /proc/sys/net/ipv4/ip_forward

Execute Firewall: sh /etc/rc.d/rc.firewall Patch TOS or ZPH in squid:

Their is some patch in squid 2.6 if you are used squid 2.7 skip this step just add the squid.conf parameters below wget http:/ / www. squid-cache. org/ Versions/ v2/ 2. 6/ squid-2. 6. STABLE16. tar. gz tar -xzvf squid-2.6.STABLE16.tar.gz cd squid-2.6.STABLE16 wget http:/ / kambing. ui. edu/ gentoo-portage/ net-proxy/ squid/ files/ squid-2. 6. 16-ToS_Hit_ToS_Preserve. patch patch -p1 < ./squid-2.6.16-ToS_Hit_ToS_Preserve.patch ./configure add your compile options

Squid Parameters: Squid.conf 2.6 zph_tos_local 0x30 zph_tos_peer 0 zph_tos_parent off zph_preserve_miss_tos on

External Squid Box with No Limit Cache HIT Object ROS 2.9 Squid.conf 2.7 tcp_outgoing_tos 0x30 ourusers zph_mode tos zph_local 0x30 zph_parent 0 Happy Cache ! Bugs & Suggestions @ asifbakali(at)gmail.com

Article Sources and Contributors

Article Sources and Contributors

External Squid Box with No Limit Cache HIT Object ROS 2.9 Source: http://wiki.mikrotik.com/index.php?oldid=8222 Contributors: Abakali

Image Sources, Licenses and Contributors

Image:Squidbox.JPG Source: http://wiki.mikrotik.com/index.php?title=File:Squidbox.JPG License: unknown Contributors: Abakali