On 5/11/05, Hendrik Voigtländer <hendrik@xxxxxxxxxxxxxxxxx> wrote: > I need some help for deploying a second uplink. > > My setup is a simple: > A squid-backed to which users connect to use the net. > This squid forwards all traffic to a parent squid which is hooked up to > an ADSL-line. Works perfect. Can you explain the reasoning behind having a "backend" Squid server, separate from the "parent" Squid? Do both layers have similar policies for cache object size limits and cache_replacement_policy? > But now we will get a second a line as we need more bandwith. The > question is: What is the easiest and proven way to realise load balancing? > > I have done some experiments with round-robin parents (2 adsl line = 2 > parent proxies) but apparently some web application such as some > webmail-services are confused if they accessed from two different > ip-addresses simultanously. You might be able to get sufficient "stickiness" (so a given webmail session will tend to always make connections via the same parent rather than going round-robin) if you compile with --enable-icmp and configure the parent statements with closest-only. I have not tried this myself. > My next idea would be to deploy some sort of routing at the parent > squid, which would be hooked up to both lines. IMHO prone to errors. > > I think I could setup two independent proxy chains (2 squid-backend, ech > connected to a parent squid connected to an adsl-line) and use the > proxy.pac for load-balancing. Sounds pretty easy, but I am not sure. This approach seems popular. Also, if your PAC lists both parents in each return (e.g. return("PROXY 10.1.1.1:3128;PROXY 10.1.1.2:3128");) you also get failover behavior. You just need to add logic into the PAC (or in the server returning the PAC to the client) so different clients try their parents in different orders. Kevin Kadow