On 11/6/06, Ian Lists <ian-list@insourced.us> wrote:
> The requirements are pretty simple, allow less then 50 users
> to about 25 sites, but it has to be HA.
Squid, like all application proxies, is not readily made truly "High
Availability", in that any active sessions will abend when one of the
proxy services/servers fails.
If you use a PAC file (proxy automatic configuration) you can run two
parallel instances of Squid on any operating system, and let the
browser deal with load-balancing and failover.
All modern graphical web browsers support PAC. For non-PAC-aware
tools you'll still need to set up a proxy hostname and some sort of
DNS mechanism to make this name resolve to one or both
active/functional gateways. But if your primary concern is just
browser access to 25 HTTP sites, this should not be an issue.
The biggest caveat to the PAC solution is that while all browsers will
failOVER to a secondary proxy with little or no problem, but some
versions of some browsers will just permanently give up on the primary
proxy, will never failBACK unless you reload PAC, clear cache, or exit
the browser.
Some browsers will reload PAC on a fixed interval, some will reload at
startup. I assume there are browsers out there which respect the
Expires: header, but I haven't found one yet (haven't been looking all
that hard).
Kevin
Received on Mon Nov 06 2006 - 14:53:07 MST
This archive was generated by hypermail pre-2.1.9 : Fri Dec 01 2006 - 12:00:03 MST