[squid-users] Implementation recommendations?

From: Gaylord Van Brocklin <[email protected]>
Date: Thu, 10 Jun 2004 14:17:01 -0700

I am tasked with redesigning our current web proxy implementation to
fix performance issues as well as to bring software up to current
stable releases and just got through reading Duane's Squid book.

We currently have a single FreeBSD box with Squid cache, which forwards
all requests through a Trend AV proxy server, and out to the Internet
for web requests. Both of these boxes are duplicated, the Squid box,
running freevrrp for hot standby and the AV box with a manual failover.
  This setup supports about 20,000 users and sustains 10-13MBps during
6am-6pm.

Here is my first draft plan:

Reinstall the OS, FreeBSD 4.10-STABLE with all recommended and/or
required kernel tuning parameters including ephemeral ports, which we
are currently hitting the ceiling on (18GB disk for OS/apps, 18GB disk
for logs, 72GB disk for cache... all SCSI). Squid will be 2.5STABLE5
compiled with --enable-ipf-transparent and --enable-storeio=diskd,ufs,
cache_mem set to 384 MB and a single 60GB diskd cache_dir with noatime,
async, and softupdates enabled. This box will forward all requests to
the Trend Proxy for virus scanning.

My questions:

Is there a better way to make use of these two identical Squid boxes?
The second box will be a hot standby using freevrrp. Is there an easy
way to setup a load balanced pair that share cache dirs, and provide
100% uptime if one of the boxes crashes?

Same question goes for the AV servers... From what I read, I can setup
two cache_peers instead of one and it will use them both. If one dies,
it won't send traffic to that one anymore? Currently if the active AV
proxy dies, we have to change the squid config file to point to the
other IP address.

Is diskd a solid filesystem for this kind of load? Do multiple
cache_dirs across disks increase performance, or will the single one be
just as good? How about multiple cache_dirs on the same drive?

Thanks for the help!

-gvb
Received on Thu Jun 10 2004 - 15:17:35 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:02 MDT