Re: Can I use Squid on this low end machine?

> I've currently have a Red Hat 5.0 Linux on a network with +/- 70 computers
> and it's doing all the routing to reach the internet with a ppp dial-up link
> (dynamic IP). It works fine, all clients are able to access the Internet
> with ip-masquerade running on the linux box.

All the rule books say don't run anything except a firewall on a
firewall machine. We are running the cache on an internal machine
(and actually re-proxying with CERN on the firewall, because we've
hacked CERN to cope with demand dialling to dynamic addresses).

> The machine is an old 486DX-33 with 16Mb and VL-BUS IDE controller on a
> 2.1Gb seagate hard disk.

Reference point. With 150MB of cache, a 486 SX/33, with DPT EATA
SCSI, runs about 10% CPU idle and about 20% for busy five minute
periods. There is no great disk activity with 32MB.

I think that you may run out of memory before you manage to use 2.1GB
of disk. (We ran at about 11MB for a 4MB store size and about 15MB
for an 8MB store size (after increasing the memory from 16 to 32MB)
on a 150MB cache (it's actually configured for 200MB, but it hasn't
stabilised yet. It looks like 200MB will give us a two week turnover
with a 36% hit rate (by accesses - by volume is worse because a lot
of the hits are If-Modified-Since and don't return a lot of data).

> Will I be able to run Squid on this machine? If yes, is there a particular
> version I should install rather than another because of this machine? I've
> seen something about a NOVM version. What kind of tune-ups would I need to
> do with the .conf file?

NOVM versions are obsolete; the only supported versions (2.x) have
this built in.

> There are, on the average, 3 to 4 users accessing the internet at a time.
> Sometimes I see 5 or 6 users, but I never saw more than this.
> I would like to try Squid for:
> - speed up "nearby" pages (they are NOT on an Intranet), since almost
> everybody retrieve always the same pages (local internet newspaper,
> altavista, etc).

Altavista's current cacheability is very poor; they do things like
generating forms type URLs to their advertisers so that they can
choose the GIF to show, rather than just using a cacheable pool of
GIFs.

> - provide access logs
> - use ban lists (prohibited sites using regular expression matches on xxx,
> sex, etc)
> - use time-limited access (some users will only be able to access the
> internet on lunch hour, for example)
> - provide some added security together with the firewall.

>

-- 
David Woolley - Office: David Woolley <djw@bts.co.uk>
BTS             Home: <david@djwhome.demon.co.uk>
Wallington      TQ 2887 6421
England         51  21' 44" N,  00  09' 01" W (WGS 84)