On 11/6/06, Ian Lists <ian-list@xxxxxxxxxxxx> wrote:
The requirements are pretty simple, allow less then 50 users to about 25 sites, but it has to be HA.
Squid, like all application proxies, is not readily made truly "High Availability", in that any active sessions will abend when one of the proxy services/servers fails. If you use a PAC file (proxy automatic configuration) you can run two parallel instances of Squid on any operating system, and let the browser deal with load-balancing and failover. All modern graphical web browsers support PAC. For non-PAC-aware tools you'll still need to set up a proxy hostname and some sort of DNS mechanism to make this name resolve to one or both active/functional gateways. But if your primary concern is just browser access to 25 HTTP sites, this should not be an issue. The biggest caveat to the PAC solution is that while all browsers will failOVER to a secondary proxy with little or no problem, but some versions of some browsers will just permanently give up on the primary proxy, will never failBACK unless you reload PAC, clear cache, or exit the browser. Some browsers will reload PAC on a fixed interval, some will reload at startup. I assume there are browsers out there which respect the Expires: header, but I haven't found one yet (haven't been looking all that hard). Kevin