Re: [squid-users] WCCP Squid recommendations from Valentin Chopov on 2003-05-19 (squid-users)

From: Valentin Chopov <valentin@dont-contact.us>
Date: Mon, 19 May 2003 14:52:57 -0400 (EDT)

Mike,

With WCCP v1 multiple cache servers can be used with the same Cisco
router.
The router will load balance the GRE packets with the
cache servers. So if you have a problem with the CPU load, you can
install an additional Squid box.
If you are going to run WCCP on multiple routers you can't use a single
cache server for all of them with WCCP v1. You have to configure at least
one cache server per router.
All activity thru http (WCCP v1 supports port 80 only) will come
from the cache servers. You have to keep access.log files for your records
or at least all POSTs ;)
Hope, this will help.

Val

On Mon, 19 May 2003, Mike McCall wrote:

> Hello,
>
> I'm sure there will be a collective groan from the group when you read this,
> but yes, I have a question about interception proxying. I have read as many
> of the newsgroup postings as I possibly can that deal with the subject, but
> I still have questions.
>
> First, here's our situation: We are a K-12 school district with roughly 3000
> machines that have the ability to access the internet, and according to CIPA
> requirements, have to be actively filtered for offensive/inappropriate
> content. I have successfully tested SquidGuard and DansGuardian and either
> will be fine for the filtering part, but the question remains as to how
> we're going to force all of the clients to use the proxy.
>
> We have Cisco routers that will do WCCP, so here are my questions: Is WCCP
> robust and fault-tolerant enough to handle a potential load of 3000 clients?
> If so, what kind of hardware should be on the Squid machine(s)? Which OS is
> best for this kind of work if the machine will be dedicated to Squid and
> nothing else (I was thinking OpenBSD, but am open to suggestions)? If we do
> implement WCCP, will we still be able to see client activity by IP
> (necessary for tracking down offending users) or will all activity appear to
> come from the squid machine? Has anyone had success using this kind of
> setup? Is there a better way to do this, other than having the users
> configure their browsers to use the proxy?
>
> Sorry for all of the questions. Thanks in advance for your help.
>
> Mike
>
>
>

==
Valentin S. Chopov, CC[ND]P
Sys/Net Admin
SEI Data Inc.
E-Mail: valentin@valcho.net
==
Received on Mon May 19 2003 - 12:53:02 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:45 MST