On 23/10/2013 7:34 p.m., Amos Jeffries wrote:
> On 23/10/2013 7:22 p.m., Dan Charlesworth wrote:
>> Very edifying. Thanks so much for that Amos.
>>
>> While the thread’s going, would you be able to elaborate at all on
>> the “trickery with multiple rules and IPs”?
>
> Well, normally you cant use more than 64K ports on one IP address. But
> you can setup multiple rules load balancing traffic across N Squid
> listening ports. This has a couple of useful side effects:
> 1) 64K ports multiplies up by N
> 2) Squid accept() rate limiters are also raised by a multiple of N.
> The default IIRC is up to 15 accept() every select loop. On high
> traffic load making that 15*N can be faster.
>
> This can be done to spread across either Squid listenng ports by port
> number, or by IP address, or both. This config example shows a good
> way to do it
> http://wiki.squid-cache.org/ConfigExamples/ExtremeCarpFrontend
Actually looking at that example it uses REDIRECT. I'm going to have to
partialy retract my statement about REDIRECT not being able to do it.
REDIRECT is limited to doing it only by port number. DNAT can do all
three permutations of IP/port/both.
Amos
Received on Wed Oct 23 2013 - 06:37:03 MDT
This archive was generated by hypermail 2.2.0 : Wed Oct 23 2013 - 12:00:06 MDT