Am 18.3.2011 18:23, schrieb Edouard Zorrilla:
> My scenario is to use two Squids working as forwarding proxy : SquidA
> and SquidB. If SquidA fails users should be switched to the SquidB.
>
> If I decide to go with PAC files the workstation is the one that
> decide where to go. My concern is, where should I store the PAC file
> so that It can also be redundant let say saved in two places ?
Well if you failover the IP that squid is bound to (which is a standard
procedure in linux HA) the "switching" of the users is done transparently.
If you use NTLM-like authentication against an AD controller with
winbind, the users will be reauthenticated, but transparently. Otherwise
-with plain text auth- users might need to reauthenticate.
If you store the PAC file on both servers (can be synced e.g. via rsync)
and move the HTTP server along with the squid, then the users will
always be presented with the same information via the same IP address.
Depending on the failover timing settings there might be an outage of a
minute or so, which is normally not a problem for web surfing.
But, a hint that is valid for all HA configurations: use test systems
for the setup before you go into production. HA is too complicated for
playing around and you can be left without internet access if you make
errors.
Best regards,
Jakob Curdes
Received on Sat Mar 19 2011 - 09:13:15 MDT
This archive was generated by hypermail 2.2.0 : Mon Mar 21 2011 - 12:00:01 MDT