> I've currently have a Red Hat 5.0 Linux on a network with +/- 70 computers
> and it's doing all the routing to reach the internet with a ppp dial-up link
> (dynamic IP). It works fine, all clients are able to access the Internet
> with ip-masquerade running on the linux box.
All the rule books say don't run anything except a firewall on a
firewall machine. We are running the cache on an internal machine
(and actually re-proxying with CERN on the firewall, because we've
hacked CERN to cope with demand dialling to dynamic addresses).
> The machine is an old 486DX-33 with 16Mb and VL-BUS IDE controller on a
> 2.1Gb seagate hard disk.
Reference point. With 150MB of cache, a 486 SX/33, with DPT EATA
SCSI, runs about 10% CPU idle and about 20% for busy five minute
periods. There is no great disk activity with 32MB.
I think that you may run out of memory before you manage to use 2.1GB
of disk. (We ran at about 11MB for a 4MB store size and about 15MB
for an 8MB store size (after increasing the memory from 16 to 32MB)
on a 150MB cache (it's actually configured for 200MB, but it hasn't
stabilised yet. It looks like 200MB will give us a two week turnover
with a 36% hit rate (by accesses - by volume is worse because a lot
of the hits are If-Modified-Since and don't return a lot of data).
> Will I be able to run Squid on this machine? If yes, is there a particular
> version I should install rather than another because of this machine? I've
> seen something about a NOVM version. What kind of tune-ups would I need to
> do with the .conf file?
NOVM versions are obsolete; the only supported versions (2.x) have
this built in.
> There are, on the average, 3 to 4 users accessing the internet at a time.
> Sometimes I see 5 or 6 users, but I never saw more than this.
> I would like to try Squid for:
> - speed up "nearby" pages (they are NOT on an Intranet), since almost
> everybody retrieve always the same pages (local internet newspaper,
> altavista, etc).
Altavista's current cacheability is very poor; they do things like
generating forms type URLs to their advertisers so that they can
choose the GIF to show, rather than just using a cacheable pool of
GIFs.
> - provide access logs
> - use ban lists (prohibited sites using regular expression matches on xxx,
> sex, etc)
> - use time-limited access (some users will only be able to access the
> internet on lunch hour, for example)
> - provide some added security together with the firewall.
>
--
David Woolley - Office: David Woolley <[EMAIL PROTECTED]>
BTS Home: <[EMAIL PROTECTED]>
Wallington TQ 2887 6421
England 51 21' 44" N, 00 09' 01" W (WGS 84)
