Re: Question about Proxy with high load and big banned sites list

From: Dancer <[email protected]>
Date: Fri, 20 Aug 1999 09:26:17 +1000

Luigi Giacobbe wrote:
>
> Hello,
>
> The problem is quite simple to explain... but not to resolve ;)
>
> 600 networks with 8 clients (minimum) to connect to Internet through a proxy
> (or a pool) and a banned sites list of 64.000 entries.
> Filter the list is the biggest problem. I solve it (I hope)with a redirector
> that queries a DB to allow or not access.
>
> The design, I would like is something like this :
>
> + --INTERNET-+
> | |
> +-----+-----+ +----+--- +
> + Proxy 1 + + Proxy 2 +
> + FILTER + + FILTER +
> +-----+-----+ +----+----+
> | |
> ------+------------------+-------
> | |
> +-----+-----+ +----+--- +
> + Proxy 3 + + Proxy 4 +
> + CACHE + + CACHE +
> +-----+-----+ +----+----+
>
> The Proxies 3 and 4 act like caching, there are no redirector process there.
> Clients only connect to Proxies 3 and 4.
> If the requested object is not found then Proxies 3 and 4 ask to Proxies 1
> and 2.
> Proxies 1 and 2 acts as filter. There are redirector process on them.
> Proxies 3 and 4 have a big cache (18 GB each) and proxies 1 and 2 a small (3
> GB each).
> With this design, Filter should be support a minder load.
> First results arent bad but ... there are problems with CGI (poor
> performance).
> Like told in "the Tutorial on Configuring Hierarchical Squid Caches", Parent
> should NOT handle CGI and other non-cachable requests.
> But if I told the cache Proxies 3 and 4 to take directly the CGI requests,
> there is a potential hole in the filter policy.
> Any idea , suggestion ?
>
> Last question :
> When a request arrives, what does the proxy do ?
> Does it look in his cache for the object or does it invoke the redirector
> first ?
>
> thanks for help
>
> L. Giacobbe

Redirectors are called first for incoming HTTP and ICP requests.

D
Received on Thu Aug 19 1999 - 17:07:55 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:48:04 MST