On 6/27/05, Ralf Hildebrandt <Ralf.Hildebrandt@charite.de> wrote:
> Is there a "default" solution for clustering multiple Squid proxies in
> a way that is transparent to the user?
The cheapest solution is to use round robin DNS records. If you
are using Cisco routers, you can look at IOS SLB, included in some
router feature sets.
> We have 3 proxies, and "load-balance" the requests using a proxy.pac
> files. Unfortunately this doesn't work properly, since some people
> don't use that autoconfigration file :(
Assuming a big budget, check out Radware's Cache Server Director:
http://www.radware.com/content/products/csd/default.asp
> So basically we need some sort of load balancing (or a quasi-random
> distribution of the users' request onto the 3 servers) in a way that
> makes sure that a user always uses the same proxy for any given
> destination host (I assume that some net-banking applications get
> suspicious if the same session originates from different source IPs).
While there are a few webmail and banking services (e.g. Wachovia)
which will kill a session if the visible source IP address changes, I've
only found a half dozen sites that are really sensitive to this.
An ugly hack to get around this problem would be to deploy NAT
outside the squid servers, so all connections always appear to be
sourced from a single IP address.
Kevin Kadow
Received on Mon Jun 27 2005 - 13:00:52 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Jul 01 2005 - 12:00:03 MDT