On Sun, 09 Jun 2013 12:29:37 +0300
Eliezer Croitoru <eliezer_at_ngtech.co.il> wrote:
> I have seen http://www.squidblacklist.org/ which is a very nice idea
> but I am wondering if squid.conf and other squid products are the
> good choice for any place.
>
> For a mission critical proxy server you will need to prevent any
> "reload" of the proxy which can cause a *small* download corruption.
> I know that admins most of the time don't think about reload of a
> process but it can cause some department in the enterprise a problem.
> From the ISP point of view you must prevent any problem to the
> client.
>
The timeout period experienced while reloading a squid proxy with, say,
an acl like squid-prime.acl which has around 1 million urls or more in
it. Certainly does result in a temporary disruption of service, however.
I believe one easy solution to this
may be to simply temporarily redirect your web traffic to
another squid proxy while you are reloading -k reload or even
restarting squid for a temporary period of say a couple of minutes as
this period usually does not take more than a minute or so.
Or rather you could just have siblings or a parent proxy. When
sibling or parent proxy is unavailable while reloading squid for the
filters, the other proxy would bypass the sibling reloading and "go
direct". I know this works for a squid proxy sibling or parent that is
unreachable. I havent tested if it works for a reloading squid yet, But
I will do this today.
Also if you have a solution that works, please share a link with us.
-
Signed,
Fix Nichols
http://www.squidblacklist.org
Received on Sun Jun 09 2013 - 13:47:10 MDT
This archive was generated by hypermail 2.2.0 : Sun Jun 09 2013 - 12:00:04 MDT