Re: Squid and NT

From: Merton Campbell Crockett <[email protected]>
Date: Sun, 1 Aug 1999 10:09:48 -0700 (PDT)

On Sun, 1 Aug 1999, Henrik Nordstrom wrote:

HN} Petar Nikolich wrote:
HN} >
HN} > from our central system that are a single NT4 server box. Rumour has it that
HN} > ports to NT are very much slower than the *nix versions but it has got
HN} > to be better than fighting with Microsoft Proxy2 ;-)

I can appreciate your problem. :-) My customer was a little put out with
"hiding" his WindowsNT servers and desktops behind Intel-based BSD/OS Unix
systems. We agreed to use Microsoft Proxy to provide user access to the
Internet.

When it was time to implement the HTTP Proxy service, I began researching
Microsoft Proxy to make sure we were doing the "right" thing and had all
of the bases covered. It was clear from the articles in the Microsoft
Knowledge Base that it wasn't the "right" approach for an HTTP Proxy
service that needed to support a mixture of Unix, VMS, and WindowsNT
systems.

The Microsoft Proxy client software only runs on the WindowsNT platform
and we discovered, quite by accident, that it can't be used on an IIS
system. The client software "captures" the ports served by the Microsoft
Proxy and redirects all traffic on those ports to the Proxy Server.

All Unix, VMS, and WindowsNT systems that could not run the client
software had to point their default address to the Microsoft Proxy
Server. This meant, in our case, that you now had to configure it as a
firewall and define every port that needed to be used.

It became abundantly clear that Squid offered a far better solution. The
solution that was quickly adopted was to run Squid from one of the Intel
boxes that was configured as a bastion host sitting astride the firebreak.

If you already have an Intel box available and some experience with a BSD
unix, installing BSD/OS 4.0.1 on the box might be a far more effective
solution than struggling with WindowsNT. For starters, you'll be able to
double the volume of traffic that you can process.

                             Merton Campbell Crockett
+---------------------------------------------------------------------------+
| Manager, Network Operations & Services | Senior Network/Security Engineer |
| GTE Government Systems Corporation | Naval Surface Warfare Center |
| Electronic Systems Division | Port Hueneme Division |
| Intelligence Systems Organization | IT/TIS Program |
| Thousand Oaks, CA | Port Hueneme, CA |
+---------------------------------------------------------------------------+
Received on Sun Aug 01 1999 - 11:05:47 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:47:49 MST