On Fri, Mar 13, 2009 at 2:43 PM, Squid@xxxxxxxxxxxxx <Squid@xxxxxxxxxxxxx> wrote: > Good afternoon, > > Our company is currently investigating the use of Squid as our Proxy solution (Secure Web Gateway?). I was curious if anyone out there has successfully installed and > managed a Production Squid environment > that would be about the complexity and size of the following (and I'd like some information on it): > > 1) 3,000 concurrent users > 2) Three sites > Primary Site: 100 Mb/sec Internet Connection > Secondary Site: 30 Mb/sec Internet Connection [This is used for a DR scenario only] > Tertiary Site: 45 Mb/sec Internet Connection [This is used for a DR scenario only] > 3) We are a Windows 2000/2003 Domain. It's a single forest with two (2) Child Domains. There is a firewall between the two (2) child domains. > 4) We need HA Pairs at each site, but because we have VMWare ESX 3.5 implemented at each site we are throwing around the idea of using 3-4 virtuals (or however many you > guys would recommend) and using our DR strategy for VM's to V2V to boxes to the other two (2) sites. > > Your input, comments, and questions would be greatly appreciated, thanks! Those numbers are not really THAT MUCH demanding (there are environments easily 10 times bigger). Making AD work in a firewalled environment is not really that easy (nor secure), but I'd assume that that side of things has already been covered. In general I'd advise AGAINST going virtual for the kind of loads squid performs, but I have no hard numbers to back this claim up. Also, if you can control your users' browsers' configuration (which would seem to be the case), having a proxy-pac-based HA solution is not hard. -- /kinkie