Re: Large scale transparent proxying

On Thu, Oct 14, 1999 at 12:16:01PM +1000, Pete Yandell wrote:
> Has anyone out there done any large scale transparent proxying?

Yup, we're using 3 linux boxes (linux 2.2 now), 2 are PII 400 512MB RAM
2x9GB spooling disks (10kRPM), the newer one is a PIII 550 1GB RAM
4x18 GB spooling disk.

Works like a charm (~35 days of uptime, no glitch, last reboot was
due to moving them.

I'm currently loading the PIII more than the other, it's fed with
up to 45 http request / second, and gives out 300kBytes/s of http.

There's a little more than 4500 CATV users behind that.

load balancing is done with an Alteon ACE2.

> I'm running squid-2.2.STABLE4 under NetBSD 1.4.1 doing transparent
> proxying without caching, and with about 200 concurrent users (I don't
> have a figure for number of hits per second) the load gets really high
> (85% CPU usage or thereabouts) on a Pentium II 450 with 256Mb of RAM.
> A lot of that load seems to be system CPU time dealing with the
> required NAT translation.

Well, my proxy load seem to be mostly the kernel dealing with
socket and filedescriptor, and disk i/o (kernel cpu is ~2 times higer
than userspace)

> It seems to me that load shouldn't really be high...what it's doing is
> really pretty simple, especially given that it's not caching.
>
> Has anyone out there run any large transparent proxies? We need to
> scale this up for many more users and want to work out how we go about
> doing it. I'm happy to choose the OS and the platform to suit the
> task.

My CPU goes up to ~60% at peak hours, but this is I think an upper limit
not to go over.

> --
> Peter Yandell
> Chief Technology Officer
> Freeonline.com.au Pty Ltd
> peter_yandell@freeonline.com.au

-- 
Philippe Strauss, ingenieur reseau/systemes, Urbanet SA
philippe.strauss@urbanet.ch
tel +41 21 623 30 20
--