Search squid archive

Re: Intercepting with iptables: DNAT vs REDIRECT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 23/10/2013 7:22 p.m., Dan Charlesworth wrote:
Very edifying. Thanks so much for that Amos.

While the thread’s going, would you be able to elaborate at all on the “trickery with multiple rules and IPs”?

Well, normally you cant use more than 64K ports on one IP address. But you can setup multiple rules load balancing traffic across N Squid listening ports. This has a couple of useful side effects:
 1) 64K ports multiplies up by N
2) Squid accept() rate limiters are also raised by a multiple of N. The default IIRC is up to 15 accept() every select loop. On high traffic load making that 15*N can be faster.

This can be done to spread across either Squid listenng ports by port number, or by IP address, or both. This config example shows a good way to do it http://wiki.squid-cache.org/ConfigExamples/ExtremeCarpFrontend

Amos




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux