RE: [squid-users] Bypass Squid

From: Brad Taylor <btaylor@dont-contact.us>
Date: Wed, 15 Sep 2004 15:00:35 -0400

What about something like this?

#!/bin/sh
while [ 1 ]; do
    TEST_SQUID=`netstat -a | grep -c https
    if [ "$TEST_SQUID" -gt 0 ]; then
        something here that starts forwarding https (iptables or
xinetd)?
    fi
    sleep 60
done

and other

#!/bin/sh
while [ 1 ]; do
    TEST_SQUID=`netstat -a | grep -c :httpd
    if [ "$TEST_SQUID" -gt 2 ]; then
        something here that starts forwarding https (iptables or
xinetd)?
    fi
    sleep 60
done

I think I would also need a way of combining these into one.

-----Original Message-----
From: Hendrik Voigtländer [mailto:hendrik@voigtlaenders.net]
Sent: Tuesday, September 14, 2004 2:01 PM
To: Chris Perreault
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Bypass Squid

Chris Perreault wrote:
> I agree...and assummed he knew this too. He wanted users to end up at
a
> different physical server and without a second failover solution that
was
> the only thing I could think of to try and explain how users ended up
at his
> servers. Once you hit squid, you are there. If you look for squid and
it's
> failed, you are stuck, it can't just pass you through anyways.
>
Exactly :-)

I think your mentioned "second failover" would be the solution. Two
squid boxes either with a load balancer(s) or a cluster software should
do the trick, but the ultimate goal would be to eliminate all single
point of failures. Internet connection, firewall, reverse proxy,
webserver, databases.... On the other hand HA systems are more complex
and may fail to switch over if the time has come.

A simpler approach would be to make every box as reliable as possible.
Decent hardware, a hardened setup, a good monitoring, a standby server
and an operator in stand-by (hope I found the right word for this :-).
There is no use to build an HA system on crappy hardware...

As for squid I think it can run ages without any problem, I have never
seen squid itself crashing on its own, it was always my fault - e.g.
misconfiguration.

Regards, Hendrik Voigtländer
Received on Wed Sep 15 2004 - 13:00:48 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Oct 01 2004 - 12:00:02 MDT