Re: [squid-users] cached MS updates !

On Tue, Jun 17, 2008 at 1:24 AM, Henrik Nordstrom
<henrik_at_henriknordstrom.net> wrote:
> On mån, 2008-06-16 at 08:16 -0700, pokeman wrote:
>> thanks henrik for you reply
>> any other way to save bandwidth windows updates almost use 30% of my entire
>> bandwidth
>
> Microsoft has a update server you can run locally. But you need to have
> some control over the clients to make them use this instead of windows
> update...

> Or you could look into sponsoring some Squid developer to add caching of
> partial objects with the goal of allowing http access to windows update
> to be cached. (the versions using https can not be done much about...)

I made such caching by removing headers Range from requests
(transparent redirect to nginx webserver in proxy mode before squid).
Works fine for my ~ 1500 users. Cache size is 4G for now and growing.
Additionally It's possible to make static cache (I made it on the same
nginx, via proxy_store), so big files like servicepacks will be stored
in filesystem. Also it's possible to put in filesystem already
downloaded servicepacks and fixes, this will save the bandwidth.

Squid is running transparent port on http://127.0.0.1:18888 .
Http requests from LAN to windowupdate networks are redirected to 127.0.0.4:80

Nginx caches cab exe psf and cuts off "Range" header, other requests
redirected to MS sites;

Here is nginx config for caching site:

    server {
        listen 127.0.0.4:80;
        server_name au.download.windowsupdate.com
www.au.download.windowsupdate.com;

        access_log
/var/log/nginx/access-au.download.windowsupdate.com-cache.log main;

# root url - don't cache here

        location / {
            proxy_pass http://127.0.0.1:18888;
            proxy_set_header Host $host;
        }

# "?" urls - don't cache here
        location ~* \? {
            proxy_pass http://127.0.0.1:18888;
            proxy_set_header Host $host;
        }

# here is static caching

        location ~* ^/msdownload.+\.(cab|exe|psf)$ {
            root /.1/msupd/au.download.windowsupdate.com;
            error_page 404 = @fetch;
        }

        location @fetch {
            internal;

            proxy_pass http://127.0.0.1:18888;
            proxy_set_header Range '';
            proxy_set_header Host $host;

            proxy_store on;
            proxy_store_access user:rw group:rw all:rw;
            proxy_temp_path /.1/msupd/au.download.windowsupdate.com/temp;

            root /.1/msupd/au.download.windowsupdate.com;
        }

# error messages (if got err from squid)

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }

    }
Received on Sun Dec 21 2008 - 14:07:09 MST