Re: Proxy to-do list

From: Dancer <dancer@dont-contact.us>
Date: Wed, 14 Jan 1998 13:58:39 +1000

* Umm. We also need to add the change to /etc/init.d/squid to our machine
checklist. The default 80 seconds may be insufficient for a clean shutdown
of the box when the cache starts to get large. The timeout should always be
more than we need. Accordingly, it's been provisionally set to 600 seconds.

Dancer wrote:

> * Figure out the logging issues for critical errors (just about the only
> kind of log entries some software will produce)
> * Increase system-wide file-descriptor limit to some cheerfully
> ludicrous value: 16384 is a favourite. (That should be _more_ than
> more-than-we-think-we-need. I hope). Where? /etc/init.d/bootmisc.sh
> would be a favourite.
> * Establish a procedure for updating /etc/squid.blocked-domains (and
> later /etc/squid.rewriting-table). A small gadget can run off inetd to
> do this automatically, perhaps. It's simple enough, but I'd want some
> tight access controls on it. Those files really need to be updated
> across all the qldprx boxen at about the same time, and then the boxen
> reloaded as close as possible to all-together for best results.
> * Talk with Dan about cache-management. That's later today.
> * Test peering, and double-check configs.
> * ACCESS CONTROLS(!). I need ranges of addresses for peers, and for
> clients. A nice definitive list (and current too! *g*). Adding the
> access control will only take a little while (plus a long wait, watching
> the few minutes of keystrokes stretch out across the hours *wg*)
> * Making sure the resolver points to the best DNS sources (three by
> preference) with good world access, as well as fast access to schnet
> records.
> * Load-testing and metrics.
> * Stability testing. Hurt the boxen.
> * Anything else? What have I missed for them?
>
> (Autoproxy comes under the to-do list for the router (one of the
> routers, anyway). It needs to be finalised as well.)
>
> D
>
> --
> Did you read the documentation AND the FAQ?
> If not, I'll probably still answer your question, but my patience will
> be limited, and you take the risk of sarcasm and ridicule.

--
Did you read the documentation AND the FAQ?
If not, I'll probably still answer your question, but my patience will
be limited, and you take the risk of sarcasm and ridicule.
Received on Tue Jan 13 1998 - 20:00:56 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:24 MST