Re: connected users

From: Dancer <>
Date: Fri, 02 Jan 1998 09:39:11 +1000

We had the choice of transparent proxying, or port blocking.

We tried both, in that order.

Since traffic running through the proxy hierarchy costs _us_ less than non-proxied
traffic, it made economic sense for us to push everything through it that we could
(since the saving is about 40% on bandwidth costs for us). The redirector worked
well and silently and was good, but since the users didn't have to set proxy
settings, they didn't. Law of least effort.

So, we looked at all the browser-generated ftp traffic that was flowing, as well
as SSL and so forth, and finally bit the big one, and put the block on. We used
the redirection that we _had_ been using for proxying, and pointed it at a
shell-script running out of inetd, which patiently explained what they would have
to do.

It generated a few support calls (3 out of 170-something users..A good rate, I
feel), but everyone switched over painlessly, apart from that.

This was done on one of our leaf-nodes this last week. I expect one or two more
support calls before it's all over and done with. The end result is that it's cut
our bandwidth costs by about half for that node, which is an awesome saving.
Transparent proxying had only cut it by about 30%.

Considering this cost us nothing to implement, we were terribly pleased.

If you're interested at all in what the users saw, the script output can be had


Leigh Porter wrote:

> Dancer wrote:
> >
> > Block port 80. There's the simple answer. We're in the process of doing it
> > now.
> >
> > D
> >
> > Chuck Pitre wrote:
> >
> > > Is there anyway to tell how many people are actually using squid??
> > >
> > > I have currently 50+ modems that people connect to and I would like to
> > > know how many of them have the proxy setting on/off on their computer. If
> > > I have 40 modems active and only 2 connections.. then I know I have to
> > > find a better way to get people to use the proxy...
> Or use transparent proxying, that works as well and saves
> all the users calling to find out what happened :)
> --
> Leigh

Note to evil sorcerers and mad scientists: don't ever, ever summon powerful
demons or rip holes in the fabric of space and time. It's never a good idea.
ICQ UIN: 3225440
Received on Thu Jan 01 1998 - 15:48:37 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:17 MST