November 29, 2021

Varnish or Squid?

When you think of caching proxies and software for speeding up your website, you think about Varnish and Squid. But how do they compare? Which one is right for your web service?

 

Forward vs reverse proxies

Varnish and Squid have fundamentally different caching architectures. Squid is a forward proxy that can be configured as a reverse proxy, while Varnish is built specifically to be a reverse proxy and HTTP accelerator. That’s not to say that Squid is a poor reverse proxy, but the fact that it wasn’t specifically designed for HTTP acceleration is something to keep in mind when thinking about performance and features. Beyond the reverse proxy use case, Squid’s philosophy is to support many use cases and protocols, and it has a good track record in this regard, as well as for stability and security.

The Varnish origin story

Varnish’s origins relate to an issue with Squid regarding performance and stability: two critical topics for modern web applications with high levels of traffic. Verdens Gang, Norway's largest online newspaper, grew to over 45 million page views per week, requiring 12 Squid servers even as page loads remained unacceptably slow. The Varnish project began with the need to improve this hardware efficiency and performance while coping with high traffic. Varnish handled the same traffic with 3 servers, simultaneously lowering average page loads from >150ms to under 30ms. The Varnish code was then open-sourced to share these benefits.


From Squid to Varnish

Many of our content delivery and broadcasting partners have made similar transitions from Squid to Varnish Enterprise. In a case study, RTÉ, the national broadcaster of Ireland, told us that Squid wouldn’t scale their website. They ran a large network of Squid servers but could only serve around 800 req/sec per server before performance degraded. After deploying Varnish Enterprise, RTÉ could reduce the number of servers in use while handling 10x more traffic, with significant improvements in both response time and availability.

 

Architectural differences

One reason for this performance and efficiency boost is that Squid is a single process running on one CPU core, while Varnish is heavily threaded and each client connection is handled by a separate worker thread. We’ve seen Varnish servers handle 300,000 req/sec, so it comes into its own when dealing with the traffic commonly experienced by websites today.

Varnish is closely aligned with modern hardware, allowing users to make more efficient use of higher memory densities. It has a greater understanding of how to best organize memory in different situations, taking over from the kernel the management and allocation of virtual memory and object replacement.

The Varnish Massive Storage Engine (MSE) is an advanced stevedore that handles storage of cached objects and their metadata, keeping track of object relevancy and purging decisions. MSE helps Varnish accurately determine which content to keep in memory, for higher efficiency, less pressure on disks and reduced I/O operations (a limiting factor in many SSD drives). Squid tries to keep disk and memory caches separate, which can result in inefficiencies when moving objects between the two.

For high numbers of requests per second, using memory only - rather than memory and disk - is also advantageous because caching servers are usually I/O-bound. Varnish can run memory only, employing a fair eviction strategy while Memory Governor self-regulates cache size to keep memory usage constant, taking into account other memory overheads.

 

Flexibility and customization

Another performance benefit comes from Varnish Configuration Language (VCL), the domain-specific language running in Varnish. It compiles down to machine code via C, with significant performance gains for setups involving edge logic. Offering complete flexibility for setting and executing caching policies on the fly, VCL makes Varnish the opposite of a black box. Varnish modules (VMODs) also extend VCL capabilities further and can be written to add new features at will. This is matched by the very detailed logs that Varnish produces for debugging, and fully fledged metrics and accounting systems useful for monitoring and health-checking.

Support and development

Squid and Varnish originated in the open-source world. Squid is still maintained by volunteer effort and Varnish Cache by a community of developers, the primary contributors being Varnish Software. For some web services, 24x7x365 support, SLAs, fully stable releases and predictable development life cycles are important. Varnish Software offers this through the commercial software, Varnish Enterprise, with the resources to develop new features in response to customer needs. A fully managed service is also available. 

 

Where is Squid better?

One benefit Squid previously had was built-in TLS/SSL support. Varnish Cache offers Hitch, a TLS terminator for handling TLS connections, but Varnish Enterprise also offers very fast in-process TLS. In fact, using this built-in TLS feature helped Varnish Enterprise reach nearly 500 Gbps throughput for video traffic. Squid previously had better support for range and streaming delivery of objects. Now, with the upcoming Slicer VMOD, Varnish Enterprise has fully implemented byte-range caching for efficient delivery of large objects such as video.

In summary, Varnish is caching technology built for the modern internet and today’s architectures, for performance, scalability and efficiency that matches the most pressing web traffic and content delivery needs.

 
