Lightweight and fast HTTP proxies

Submitted by Hannes Schmidt on Sat, 01/19/2013 - 17:24.

I recently evaluated several open-source HTTP proxy servers. I was looking for something lightweight and fast, without a persistent cache or with no cache at all.


Polipo would have been my first choice as it gets a lot of exposure by being included in the Tor browser bundle. Also, it is fast because it does non-blocking DNS resolution as opposed to using the blocking gethostbyname() resolver library function, which it can be configured to fall back to. Unfortunately, it is not actively maintained and it is unstable on Ubuntu 12.04. I tried the official package and built the latest trunk from source, no dice.

  • Pros: Fast, light-weight, comprehensive documentation, upstream SOCKS5 support.
  • Cons: Crashes randomly on Ubuntu 12.04, other platforms are probably ok.


Zipproxy might be of use for mobile clients but performance-wise it was underwhelming. It forks a process for every request. I am not sure why, maybe for DNS resolution. It can only restrict client access to a single IP or all IPs, CIDRs are not supported.

  • Pros: Content optimization like gzip compression/decompression, image optimization.
  • Cons: Slow, limited access control.


TinyProxy gets disqualified right off-the-bat for being sluggish. Consequently, I can't talk about its stability.

  • Pros: Well-structured and easy-to-use configuration
  • Cons: Slooooow, even though it seems to be pooling processes.


Tried and trusted Squid was what I ultimately settled on. Contrary to common belief, it is very lightweight, actually. A single process with just 4M resident memory. Running as a single process must mean that it uses non-blocking IO to handle multiple concurrent requests. Version 3.1 (the one in 12.04) doesn't exploit multiple cores, but version 3.2 does. Unfortunately, there is no backport of 3.2 available for 12.04.

Like Polipo, Squid does the DNS resolution itself by default, but can optionally use the system's resolver instead. Unlike Polipo, Squid uses a pool of child processes for that.

My pet peeve with Squid: Why on earth do these guys insist on documenting every single variant of every single option in the config file. The squid.conf is a giant, unmaintainable mess, and has been since I first used Squid in the early 2000s.

  • Pros: Stable, lightweight and reasonably fast, with support for ephemeral (non-persistent) caching, being default since squid3
  • Cons: Config hell

That's it for now. I am currently trying to build a Debian package for 3.2.x such that I can utilize the server's multiple cores.

Update: Did that, works well. I'll summarize the necessary changes in another post.

( categories: Unix | Administrator )
Submitted by Anonymous on Sat, 06/25/2016 - 00:20.
grep -v "^#" squid.conf.original > squid.conf to remove all comments.