Hardware Requirements

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Hardware Requirements

Ariel-38
hello list, as estasn, I need your advice to the next stage

an ISP network with 500 users
I have a pentium 4 Dual Core + 4 GB ram + Sata 2 160 GB
Squid 3.1.xx + bridge + tproxy  + Centos 5.4 64 Bits

I would like to know your opinions about the hardware, if very small,
fine or need something bigger
what equipment do you recommend?

thanks
Reply | Threaded
Open this post in threaded view
|

Re: Hardware Requirements

Luis Daniel Lucio Quiroz-2
Le vendredi 18 juin 2010 09:47:22, Ariel a écrit :

> hello list, as estasn, I need your advice to the next stage
>
> an ISP network with 500 users
> I have a pentium 4 Dual Core + 4 GB ram + Sata 2 160 GB
> Squid 3.1.xx + bridge + tproxy  + Centos 5.4 64 Bits
>
> I would like to know your opinions about the hardware, if very small,
> fine or need something bigger
> what equipment do you recommend?
>
> thanks

How many hits are you specting  hits/min
if  under 200 hits/min then you are okay (as my experience has shown me)
Reply | Threaded
Open this post in threaded view
|

Need on squid.conf script reviews

Muhammad Nur Ihsan
Dear ALL,

Reviewed the result of calamaris log analysis of our designed squid in
Ubuntu Server 10.04 LTS, we are pleased to seek your kind support and
assistance for the following:
  1.. A guidance to make the better script within /etc/squid/squid.conf
  2.. On the cache statistic item at calamaris log analysis, we concern on
the bandwith saving result which is displaying 0% result. Any modification
could be recommended with our script to enhance the proxy performance and
better reliability? Please see the hereunder for your perusal.
---------------------Quoted-----------------------------------
#==================================$
# Proxy Server Versi 2.7.Stable7
# by [hidden email]
#==================================$
#################################################################
# Port
#################################################################
http_port 3128 transparent
icp_port 3130
prefer_direct off

#################################################################
# Cache & Object
#################################################################
cache_mem 1024 MB
cache_swap_low 98
cache_swap_high 99
max_filedesc 8192
maximum_object_size 1 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 4 bytes
ipcache_size 4096
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
pid_filename /var/run/squid.pid
cache_swap_log /var/log/squid/swap.state
dns_nameservers /etc/resolv.conf
emulate_httpd_log off
hosts_file /etc/hosts
half_closed_clients off
negative_ttl 1 minute

#################################################################
# Rules: Safe Port
#################################################################
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443   # https
acl SSL_ports port 563  # snews
acl SSL_ports port 873  # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 20 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 631 # cups
acl Safe_ports port 10000 # webmin
acl Safe_ports port 901 # SWAT
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 110 # POP3
acl Safe_ports port 25 # SMTP
acl Safe_ports port 2095 2096 # webmail from cpanel
acl Safe_ports port 2082 2083
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports

#################################################################
# Refresh Pattern
#################################################################
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern (Release|Package(.gz)*)$        0       20%     2880
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire
ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90%
432000 override-expire ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200
override-expire ignore-no-cache
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200
override-expire ignore-no-cache
refresh_pattern -i \.(html|htm|css|js|php|asp|aspx|cgi) 1440 40% 40320
refresh_pattern .               0       20%     4320

#################################################################
# HAVP + Clamav
#################################################################
cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange
default

#################################################################
# HIERARCHY (BYPASS CGI)
#################################################################
#hierarchy_stoplist cgi-bin ? .js .jsp
#acl QUERY urlpath_regex cgi-bin \? .js .jsp
#no_cache deny QUERY

#################################################################
# SNMP
#################################################################
snmp_port 3401
acl snmpsquid snmp_community public
snmp_access allow snmpsquid localhost
snmp_access deny all

#################################################################
# ALLOWED ACCESS
#################################################################
acl enha src 192.168.17.0/24
http_access allow enha
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow enha
icp_access allow localhost
icp_access deny all
always_direct deny all

#################################################################
# Cache CGI & Administrative
#################################################################
cache_mgr [hidden email]
cachemgr_passwd XXXXXXX all
visible_hostname proxy.mts-nurulhuda-dempet.sch.id
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid
shutdown_lifetime 10 second
logfile_rotate 14
---------------------Unquoted-----------------------------------
Need your correction, reviews and/or modification in due course.

Thanks & regards,
Muhammad Nur Ihsan
Grahamedia POP Demak & Mranggen ! Jl. Pemuda No. 52 Rt.002/Rw.007 Bintoro -
Demak !
Zip Code: 59511 ! Phone: 0291-685-200; Cell:
024-5019-0990/0888-250-1827/0812-821-2850 !
E-mail: [hidden email] ! Web: www.grahamedia.net.id !
YM ID: [hidden email] ! Skype ID: mnurihsan

Reply | Threaded
Open this post in threaded view
|

Re: Hardware Requirements

George Herbert
In reply to this post by Luis Daniel Lucio Quiroz-2
On Fri, Jun 18, 2010 at 11:40 AM, Luis Daniel Lucio Quiroz
<[hidden email]> wrote:

> Le vendredi 18 juin 2010 09:47:22, Ariel a écrit :
>> hello list, as estasn, I need your advice to the next stage
>>
>> an ISP network with 500 users
>> I have a pentium 4 Dual Core + 4 GB ram + Sata 2 160 GB
>> Squid 3.1.xx + bridge + tproxy  + Centos 5.4 64 Bits
>>
>> I would like to know your opinions about the hardware, if very small,
>> fine or need something bigger
>> what equipment do you recommend?
>>
>> thanks
>
> How many hits are you specting  hits/min
> if  under 200 hits/min then you are okay (as my experience has shown me)

Is that a single hard drive?


--
-george william herbert
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Hardware Requirements

Jakob Curdes

>>> an ISP network with 500 users
>>> I have a pentium 4 Dual Core + 4 GB ram + Sata 2 160 GB
>>> Squid 3.1.xx + bridge + tproxy  + Centos 5.4 64 Bits
>>>        
>> How many hits are you specting  hits/min
>> if  under 200 hits/min then you are okay (as my experience has shown me)
>>      
 From my experience you can do a lot more hits with that type of
machinery, although this depends on  a lot of factors, and also strongly
on the squid configuration.

JC
Reply | Threaded
Open this post in threaded view
|

Re: Hardware Requirements

George Herbert
On Fri, Jun 18, 2010 at 12:06 PM, Jakob Curdes <[hidden email]> wrote:

>
>>>> an ISP network with 500 users
>>>> I have a pentium 4 Dual Core + 4 GB ram + Sata 2 160 GB
>>>> Squid 3.1.xx + bridge + tproxy  + Centos 5.4 64 Bits
>>>>
>>>
>>> How many hits are you specting  hits/min
>>> if  under 200 hits/min then you are okay (as my experience has shown me)
>>>
>
> From my experience you can do a lot more hits with that type of machinery,
> although this depends on  a lot of factors, and also strongly on the squid
> configuration.

You can certainly do a lot more hits with something that's slightly
bigger;  With dual-CPU quad-core P4 boxes with 8 GB of RAM, 4x SATA HD
(root, 2x separate cache dirs, logs dir) and systems operating in 2-4
system cache groups I got 400+ hits/second in production and 600+ in
test.

The specific configuration here, with single CPU and less RAM and one
HD, is going to be less capacity than that.  But 120 times less?  That
suprises me...



--
-george william herbert
[hidden email]