Hi, I'm at an educational establishment, with approx 2500 desktops. We have had a restrictive web access policy implemented with a web cache/filtering proxy appliance. User browsers are configured by a PAC file and web proxy auto discovery. They authenticate against the appliance with NTLM We plan on changing that policy to something much less restrictive, but one of the technical issues we are expecting is an increase in web traffic usage. Currently we use 60Mb/s at peak times ( with 97% of that being http traffic ), with our network connection being rated at 100Mb/s We'd like to manage the amount of bandwidth that we use at our site connecting to high traffic sites like youtube/vimeo/bbc, so that there is always capacity for critical web applications, for example online examinations. The filter/proxy appliance does not have any options for limiting bandwidth One of the ways we are investigating would be to use a squid web cache and delay_pools. We would try to identify high bandwidth/popular sites, and either use a PAC file so clients chose the bandwidth restricting cache, or use a cache chaining rule on the filter/proxy appliance, to pass requests for particular sites to the bandwidth restricting cache. If users connect to the squid cache directly we would authenticate using Kerberos/NTLM for windows clients and Basic for others. Does this approach seem valid ? What kind of resource would the squid cache require ( RAM/CPU ... ) Regards, Alan Dawson -- "The introduction of a coordinate system to geometry is an act of violence"
Attachment:
signature.asc
Description: Digital signature
