I am currently investigating Squid as a caching proxy option in my
environment to replace an existing commercial caching proxy deployment
running on commodity hardware. The two proxy servers are load balanced
behind a Cisco load balancer. Clients use a proxy pac file for browser
configuration. These are a snapshot of statistics from the current
proxys during a normal working day with around 6,000 potential users
but typically 2,000 connected through servers:
(requests are per second)
Server1
Current Peak
Browser connections 489 1633
Fill connections 396 1683
Browser requests 37 506
Fill requests 18 185
Server2
Current Peak
Browser connections 1090 2001
Fill connections 1031 2536
Browser requests 65 541
Fill requests 60 189
The statistics for bandwidth through the proxies varies but watching
it for awhile the highest it went was 850,000 bytes/second or 6.5
megabits/second per proxy.
I would redeploy the existing proxy hardware but with Squid. I'm not
sure what's sufficient, the FAQ and related pages on hardware are
dated. The specs on these two machines are:
HP Proliant DL380 G3
2.8 GHz Xeon CPU
2.5 GB PC2100 DDR RAM
6 36.4 GB 15K Ultra320 SCSI drives
Good enough?
I read in the FAQ that RAID 5 should not be used. What's the
suggestion on RAID 1 or using these 6 drives? Currently I have 164 GB
available for cache with around 1.9 million objects cached on each
server with around a 65% hit rate.
The OS would be Redhat Enterprise Server. Shouldn't be an issue and I
don't think I could get away with running fbsd.
Also, for web content filtering I am currently using N2H2 and from
talking with Secure Computing I should move to Smartfilter DA for
linux. Although the Squid compatability chart on Secure Computings
website doesn't list DA, only Squid support up to Smartfilter 4.0.1.
Nevertheless, are there any performance issues with respect to doing
on-box filtering? Any experience with Smartfilter {4.x, DA} + Squid?
Any other suggestions on performance tuning, async-io, etc?
Cheers
Chris
