Kevin wrote:
>On 5/11/05, Hendrik Voigtländer <hendrik@voigtlaenders.net> wrote:
>
>
>>I need some help for deploying a second uplink.
>>
>>My setup is a simple:
>>A squid-backed to which users connect to use the net.
>>This squid forwards all traffic to a parent squid which is hooked up to
>>an ADSL-line. Works perfect.
>>
>>
>
>Can you explain the reasoning behind having a "backend" Squid server,
>separate from the "parent" Squid? Do both layers have similar policies
>for cache object size limits and cache_replacement_policy?
>
>
>
Security: The backend squid is located within the LAN and is separated
from the parent by a firewall.
Fallback: The backend squid can use another, very reliable line (not
ADSL) if the parents are down.
The parent is non-caching squid passing all traffic to the ADSL line.
>>But now we will get a second a line as we need more bandwith. The
>>question is: What is the easiest and proven way to realise load balancing?
>>
>>I have done some experiments with round-robin parents (2 adsl line = 2
>>parent proxies) but apparently some web application such as some
>>webmail-services are confused if they accessed from two different
>>ip-addresses simultanously.
>>
>>
>
>You might be able to get sufficient "stickiness" (so a given webmail session
>will tend to always make connections via the same parent rather than going
>round-robin) if you compile with --enable-icmp and configure the parent
>statements with closest-only. I have not tried this myself.
>
>
>
Sounds nice, but needs some testing.
>>My next idea would be to deploy some sort of routing at the parent
>>squid, which would be hooked up to both lines. IMHO prone to errors.
>>
>>I think I could setup two independent proxy chains (2 squid-backend, ech
>>connected to a parent squid connected to an adsl-line) and use the
>>proxy.pac for load-balancing. Sounds pretty easy, but I am not sure.
>>
>>
>
>This approach seems popular. Also, if your PAC lists both parents in
>each return (e.g. return("PROXY 10.1.1.1:3128;PROXY 10.1.1.2:3128");)
>you also get failover behavior. You just need to add logic into the PAC
>(or in the server returning the PAC to the client) so different
>clients try their
>parents in different orders.
>
>
>
Yes, I think I will seperate the client by subnets. On the other hand
doubling the number of squid installations will double the amount of
work/maintenance etc.
Failover is a nice feature but not requested by the clients.
Any other ideas?
Regards, Hendrik Voigtländer
Received on Wed May 11 2005 - 04:08:25 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:02 MDT