Hello,
The problem is quite simple to explain... but not to resolve ;)
600 networks with 8 clients (minimum) to connect to Internet through a proxy
(or a pool) and a banned sites list of 64.000 entries.
Filter the list is the biggest problem. I solve it (I hope)with a redirector
that queries a DB to allow or not access.
The design, I would like is something like this :
+ --INTERNET-+
| |
+-----+-----+ +----+--- +
+ Proxy 1 + + Proxy 2 +
+ FILTER + + FILTER +
+-----+-----+ +----+----+
| |
------+------------------+-------
| |
+-----+-----+ +----+--- +
+ Proxy 3 + + Proxy 4 +
+ CACHE + + CACHE +
+-----+-----+ +----+----+
The Proxies 3 and 4 act like caching, there are no redirector process there.
Clients only connect to Proxies 3 and 4.
If the requested object is not found then Proxies 3 and 4 ask to Proxies 1
and 2.
Proxies 1 and 2 acts as filter. There are redirector process on them.
Proxies 3 and 4 have a big cache (18 GB each) and proxies 1 and 2 a small (3
GB each).
With this design, Filter should be support a minder load.
First results arent bad but ... there are problems with CGI (poor
performance).
Like told in "the Tutorial on Configuring Hierarchical Squid Caches", Parent
should NOT handle CGI and other non-cachable requests.
But if I told the cache Proxies 3 and 4 to take directly the CGI requests,
there is a potential hole in the filter policy.
Any idea , suggestion ?
Last question :
When a request arrives, what does the proxy do ?
Does it look in his cache for the object or does it invoke the redirector
first ?
thanks for help
L. Giacobbe
Received on Thu Aug 19 1999 - 03:50:38 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:48:03 MST