LAN proxies and traffic reduction

Hello everyone!

I've been browsing the forum looking for something relevant to my home project that I’m currently doing. The project is based on minimizing outgoing and incoming traffic on our LAN network. The idea I had was to cache HTTP, HTTPS and DNS traffic because that’s what the majority of our traffic is based on.

So I figured that I'll spin up an Ubuntu 16.04 server and use that; however, I’ve been encountering some issues. The idea I had was to route all the traffic via the server so it would be cached there. However, I’ve read that I cannot route traffic properly with one Ethernet port (I’m using a laptop). So I kind of scratched that idea.

So the second idea was that I would configure the router to route the traffic to the local proxy, then out on the internet. As I’m writing this, this has not been done yet in my house. I’ve been messing with the idea and I do think it would cause a loop where, if a client tries to go to Facebook (or whatever), the router would route the traffic back into the network, then it would once more be routed back to the router and so on.

So my question to you guys is: have any of you done something similar to this, or do you have any tips on how to deal with the project? Any tips are welcome :)

Services that I’m currently running:

  • Bind9 (to cache DNS)

  • Squid3 (HTTP and HTTPS caching)

  • ISC-DHCP-SERVER (to give out IP's on the network)

PS: I will post the network plan when I'm done, for those who are interested :)

You can do it without multiple network cards but you will have to configure your devices to use the proxy server, rather than using transparent mode as I believe that needs the second network interface.

You'll also need to build Squid with the option that allows HTTPS rather than just using the package version. It's pretty dodgy though, and you'll need to install your self-signed CA into all your devices, otherwise you will get a warning on every site you go to.

Bind is easy enough to set up and run. You can set it to forward only so it looks up DNS records from another DNS server like your ISP or Google or whatever. This may be faster. Or you can use the default, which is to let it resolve records itself by looking up the top-level domains.

Although how much bandwidth this will actually save really depends on the number of simultaneous users you have on the network, I'd say that on a home network you probably won't see much of a difference.

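An added example, not written by either poster: a proxy auto-config (PAC) file is one way to point devices at the Squid box explicitly, as the reply above suggests, instead of using transparent mode. The proxy address 192.168.1.10:3128 and the `.local` suffix are assumptions; only plain HTTP is sent to Squid, because a Squid build without HTTPS interception can only tunnel HTTPS, not cache it, so no CA has to be installed on the devices.

```javascript
// proxy.pac - added example for an explicit (non-transparent) Squid cache.
// Assumed value, not from the thread: Squid listens on 192.168.1.10:3128.
var PROXY = "PROXY 192.168.1.10:3128";

// Dotted-quad IPv4 literal -> unsigned 32-bit number; null for anything else.
function ipv4ToInt(host) {
  var m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return null;
  var n = 0;
  for (var i = 1; i <= 4; i++) {
    var octet = parseInt(m[i], 10);
    if (octet > 255) return null;
    n = n * 256 + octet;
  }
  return n;
}

// True for loopback, link-local and RFC 1918 address literals.
function isLocalAddress(host) {
  var ip = ipv4ToInt(host);
  if (ip === null) return false;
  var ranges = [["10.0.0.0", 8], ["172.16.0.0", 12], ["192.168.0.0", 16],
                ["127.0.0.0", 8], ["169.254.0.0", 16]];
  for (var i = 0; i < ranges.length; i++) {
    var base = ipv4ToInt(ranges[i][0]);
    var size = Math.pow(2, 32 - ranges[i][1]);
    if (ip >= base && ip < base + size) return true;
  }
  return false;
}

// Called by the browser for every request; returns the route to use.
function FindProxyForURL(url, host) {
  host = host.toLowerCase();
  // Single-label names (nas, printer), .local names and private addresses
  // stay on the LAN, so the router and the proxy itself are never proxied.
  if (host.indexOf(".") === -1 || /\.local$/.test(host)) return "DIRECT";
  if (isLocalAddress(host)) return "DIRECT";
  // Without interception Squid only tunnels HTTPS and caches nothing from it,
  // so HTTPS goes straight out and no interception CA is needed.
  if (url.substring(0, 5).toLowerCase() !== "http:") return "DIRECT";
  // Cacheable plain HTTP goes via Squid; DIRECT is the fallback if it is down.
  return PROXY + "; DIRECT";
}
```

Because the clients talk to the proxy directly and the proxy talks to the router as an ordinary LAN host, no router rule has to send traffic back into the network.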

Thanks for the tips.

But any data saved is worth it when you're on a data cap plan :)