LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-28-2009, 08:15 AM   #1
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Rep: Reputation: 30
Using Squid Proxy with Linux


I'm coming from a WIndows background and although I've used linux a few times, I'm now trying to run a proxy server and it's cheaper and more secure to run Linux.

I have the choice of:
Default Operating System: CentOS 5 with Parallels Plesk Panel 9

Altenative Operating Systems:

* openSUSE 11 minimal
* CentOS 5 minimal
* Debian 4.0 minimal
* Ubuntu 8.04 LTS minimal
* Ubuntu 6.06 LTS minimal

What's best?
Do all these have a desktop OS where you can view what you are doing with Windows or are they all simply root access command line installations?
 
Old 07-28-2009, 08:53 AM   #2
irishbitte
Senior Member
 
Registered: Oct 2007
Location: Brighton, UK
Distribution: Ubuntu Hardy, Ubuntu Jaunty, Eeebuntu, Debian, SME-Server
Posts: 1,213
Blog Entries: 1

Rep: Reputation: 83
Prob CentOS is gonna suit you, simply because it has mostly GUI admin tools, and it is desktop based. It's also based on RedHat Enterprise, so it's an excellent OS also.
 
Old 07-28-2009, 09:35 AM   #3
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by irishbitte View Post
Prob CentOS is gonna suit you, simply because it has mostly GUI admin tools, and it is desktop based. It's also based on RedHat Enterprise, so it's an excellent OS also.
Do you think squid proxy would be a suitable proxy to use?
I just want to allow people to connect and have data relayed.

How much RAM would be required to run Squid Proxy for a number of users?
I realise there is no exact answer but a rough guide?
For example, I have a linux proxy server with 100Mbit mainly retransmitting and caching running video (I assume about 512kbps).
I'm guessing this could support up to 100 users or so but would 1GB RAM be enough?
Server would be something like:
# CPU: Athlon 3800+
# CPU Details: 2 x 2.0 GHz
# RAM: 1 GB RAM
# Hard Disks: 2 x 160 GB (RAID 1 Software
 
Old 07-28-2009, 10:51 AM   #4
baig
Member
 
Registered: Nov 2008
Location: وادی ھنزہ
Distribution: Solaris 5.10, Debian Server 5.2, CentOS 5.6
Posts: 226
Blog Entries: 3

Rep: Reputation: 38
You need CentOS for that purpose.. Its like RHEL and would be easy and simple to configure as described in above post, I'm using it and found it very easy as conp to Fedora and Ubuntu.

I do use CentOS but sorry I personally have no idea of required resources.. but i think all config are very good and not sure about 1GB RAM..


Cheers!!
 
Old 07-28-2009, 01:33 PM   #5
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,062

Rep: Reputation: 893Reputation: 893Reputation: 893Reputation: 893Reputation: 893Reputation: 893Reputation: 893
You could use any of the above, but for this kind of application (a server) you want something that will get bug/security fixes for a while, which would make suSE 11 and Ubuntu 6.06 less good choices.

Quote:
Do all these have a desktop OS
I think you mean do they have a graphical user interface. In which case, the answer is that they have what you choose to install and don't have what you choose to leave out.

I'm guessing that you want one, for ease of use, even though it will be less secure and use up some memory. These may not be the biggest considerations in some circumstances, but don't dismiss the idea of using something like webmin to admin your server.

Quote:
Do you think squid proxy would be a suitable proxy to use?
I just want to allow people to connect and have data relayed.
You don't seem to have high expectations, in that you don't seem to want a speed up and you don't seem to want blocking or anything, so it can do everything that you have asked for

Quote:
...up to 100 users or so but would 1GB RAM be enough?
Server would be something like:
# CPU: Athlon 3800+
# CPU Details: 2 x 2.0 GHz
# RAM: 1 GB RAM
# Hard Disks: 2 x 160 GB (RAID 1 Software
I haven't tried with anything like these numbers, but my 'gut feel' is that more ram would be better; even if all the ram was available for caching (& you are bound to lose some to the OS, buffers, networking...) that would represent an average of 10M per user. In the end, all this comes down to is that some of the time your users will be requesting something that has just been deleted from ram, under memory pressure from newer requests for data.

To be honest, the best advice is to build it and make some measurements. Different user profiles will make quite a difference (do all users have the same peak usage times? is there much commonality between the data that they request?)

If this is new hardware, it would be a good idea to check how much memory your motherboard can support and try to select one that would allow you to add the maximum.

From my point of view, and I'm not a notable lover of raid by any means, I'd just build it with a simple single disk and see if that represents a bottleneck; my feeling is that it won't, unless the box is swapping because it doesn't have enough ram. (And, if it does start doing much swapping, the performance will plummet.)

HTH
 
Old 07-28-2009, 06:03 PM   #6
irishbitte
Senior Member
 
Registered: Oct 2007
Location: Brighton, UK
Distribution: Ubuntu Hardy, Ubuntu Jaunty, Eeebuntu, Debian, SME-Server
Posts: 1,213
Blog Entries: 1

Rep: Reputation: 83
Yup, see Salasi's post, I agree with everything he says. I would suggest a testbed server, with your spec, and if needs be upgrade the RAM, and implement RAID to speed things up. In general I find with file servers that the more RAM the better, so if you can afford more, go for more. It is the easiest way to up performance, even on mediocre hardware.

Just as an example, I am running a File/Directory server for about 50 / 60 users, IBM x3400, quad core intel processors, 8GB of RAM and a single 500GB disk that I backup regularly. It is the business, no probs with bottlenecks!

Last edited by irishbitte; 07-28-2009 at 06:05 PM.
 
Old 07-31-2009, 07:55 PM   #7
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Original Poster
Rep: Reputation: 30
Sounds like I can start with 2Gb RAM then and upgrade if needed.
I ma not fully aware of profiles re times and stuff on the proxy server as it is not running yet. From what is said above it sounds like 2GB RAM won't support that many users ir 8RAM is supporting 50?

I would need the proxy server to do:
routing of connections
allowing username and password logon
possibly the occasional block for hacking IPs
possibly restricting bandwidth for certain logons
 
Old 08-01-2009, 03:47 AM   #8
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,062

Rep: Reputation: 893Reputation: 893Reputation: 893Reputation: 893Reputation: 893Reputation: 893Reputation: 893
Quote:
Originally Posted by qwertyjjj View Post
Sounds like I can start with 2Gb RAM then and upgrade if needed.
Well, yes, but I am not sure that you are really grasping the point that you can make either more or less RAM work, until you define work as 'such and such a hit rate' or 'such and such a decrease in data traffic on the external net interface' because only then, when you have defined work to include something about performance, can performance be an issue.

Quote:
From what is said above it sounds like 2GB RAM won't support that many users ir 8RAM is supporting 50?
Not clear what that means, and I don't know what previous post you are referring to with "8RAM is supporting 50", assuming that is supposed to refer to someone else's contribution to this thread.
 
Old 08-01-2009, 04:05 AM   #9
EricTRA
LQ Guru
 
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Blog Entries: 1

Rep: Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295
Hello,

I'm setting up Squid too and was confronted with most of the questions you are having right now. My server is running Debian 5, but without the GUI. If I want to work with a GUI I turn to a Windows workstation Guess I'm one of those console guys.

I copied this from O'Reilly - Squid The Definitive Guide hoping it might clear up some of your questions about hardware requirements. For what concerns OS I can only agree that taking into account security level you'll probably have to go with a distro that gets bug/security fixes regularly patched (like Debian .

Quote:
Squid's hardware requirements are generally modest. Memory is often the most important resource. A memory shortage causes a drastic degradation in performance. Disk space is, naturally, another important factor. More disk space means more cached objects and higher hit
ratios. Fast disks and interfaces are also beneficial. SCSI performs better than ATA, if you can justify the higher costs. While fast CPUs are nice, they aren't critical to good performance.

Because Squid uses a small amount of memory for every cached response, there is a relationship between disk space and memory requirements. As a rule of thumb, you need 32 MB of memory for each GB of disk space. Thus, a system with 512 MB of RAM can support a 16-GB disk cache. Your mileage may vary, of course. Memory requirements depend on factors
such as the mean object size, CPU architecture (32- or 64-bit), the number of concurrent users, and particular features that you use.

People often ask such questions as, "I have a network with X users. What kind of hardware do I need for Squid?" These questions are difficult to answer for a number of reasons. In particular,
it's hard to say how much traffic X users will generate. I usually find it easier to look at bandwidth usage, and go from there. I tell people to build a system with enough disk space to hold 3-7 days worth of web traffic. For example, if your users consume 1 Mbps (HTTP and FTP
traffic only) for 8 hours per day, that's about 3.5 GB per day. So, I'd say you want between 10 and 25 GB of disk space for each Mbps of web traffic.
Hope this helps you clear some of the doubts and/or questions.

Kind regards,

Eric

PS: This is also a great resource in my opinion: Squid Wiki

Last edited by EricTRA; 08-01-2009 at 04:11 AM. Reason: Added PS
 
Old 08-01-2009, 04:38 AM   #10
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
I have got no idea why people are forcing on huge RAM for squid. If you are not running graphical then 2gb is gotta be enough for you. But it will also depend on how much clients you are going to serve. Earlier I had a running squid on a old p3 machine with 512megs ram serving about 40 clients without any issues or bandwidth or speed lag. Now I have upgraded the machine to a pentium dual core with 1 gig of ram. And obviously do not run gnome or kde but it keeps more than 50% of ram free.
 
Old 08-01-2009, 12:13 PM   #11
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by linuxlover.chaitanya View Post
I have got no idea why people are forcing on huge RAM for squid. If you are not running graphical then 2gb is gotta be enough for you. But it will also depend on how much clients you are going to serve. Earlier I had a running squid on a old p3 machine with 512megs ram serving about 40 clients without any issues or bandwidth or speed lag. Now I have upgraded the machine to a pentium dual core with 1 gig of ram. And obviously do not run gnome or kde but it keeps more than 50% of ram free.
I suppose it depends on how squid is used.
If squid is used as a simple proxy just relaying connections without storing much of the data for caching does it need much disk space?

I mean if you need:
Quote:
Thus, a system with 512 MB of RAM can support a 16-GB disk cache. Your mileage may vary, of course.
Most servers are in the region of 160Gb+, this would be an extraordinary amount or RAM needed.


Can squid limit bandwidth for each user?
The line I have can support up to 100Mbits so that's a fair whack. Each user might only need 1Mbps each.

Last edited by qwertyjjj; 08-01-2009 at 12:15 PM.
 
Old 08-01-2009, 12:27 PM   #12
EricTRA
LQ Guru
 
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Blog Entries: 1

Rep: Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295
Hello,

Providing that you have a version of squid compiled with "--enable-delay-pools", you'll need to add something like this to squid.conf:
Code:
acl ip_1 src 192.168.11.11/255.255.255.0
delay_pools 1
delay_class 1 1
delay_parameters 1 2200/4000
delay_access 1 allow ip_1
The above code is for the user who has IP 192.168.11.11 and will kick in when the user has downloaded 2200 bytes. After that his connection will be 32 kbps. ( 2200/4000 means that after having received 2200 bytes the speed will be limited to 4000 which is 32 kpbs).

In regards to RAM I wouldn't worry too much. I'm sure that with the current prices for RAM, IF you encounter problems, it's easily added, or problems could also be resolved changing the Squid configuration somehow. Furthermore I agree totally with linuxlover.chaitanya that you should not use a GUI on a dedicated server since it consumes a lot of your resources.

Kind regards,

Eric

Last edited by EricTRA; 08-01-2009 at 12:30 PM.
 
Old 08-01-2009, 12:34 PM   #13
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by EricTRA View Post
Hello,

Providing that you have a version of squid compiled with "--enable-delay-pools", you'll need to add something like this to squid.conf:
Code:
acl ip_1 src 192.168.11.11/255.255.255.0
delay_pools 1
delay_class 1 1
delay_parameters 1 2200/4000
delay_access 1 allow ip_1
The above code is for the user who has IP 192.168.11.11 and will kick in when the user has downloaded 2200 bytes. After that his connection will be 32 kbps. ( 2200/4000 means that after having received 2200 bytes the speed will be limited to 4000 which is 32 kpbs).

In regards to RAM I wouldn't worry too much. I'm sure that with the current prices for RAM, IF you encounter problems, it's easily added, or problems could also be resolved changing the Squid configuration somehow. Furthermore I agree totally with linuxlover.chaitanya that you should not use a GUI on a dedicated server since it consumes a lot of your resources.

Kind regards,

Eric
Interesting.
Is it possible to this with logins with squid?
eg login xxx@xxx.com by email address?

Secondly - is there an option in Squid to link it to a MySQL database to check logins?
 
Old 08-01-2009, 12:56 PM   #14
EricTRA
LQ Guru
 
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Blog Entries: 1

Rep: Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295
Hello,

Haven't gone on that path yet (the user login), so sorry cannot give you an answer from the top of my head.

I seem to remember that there is/was some kind of MySQL patch for Squid but don't quite know what possibilities it offers. You might want to have a look at the mail archive of Squid Users at Mail Archive.

That's a resource that I frequently use because you can communicate with developers from Squid. And if they don't know it, then it's not possible, or has to be programmed.

Hope that helps you out somewhat. When I'm at work Monday, I'll have a look at what I've already gathered in regards to Squid and if something pops out, I'll let you know.

Kind regards,

Eric
 
Old 08-01-2009, 06:48 PM   #15
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by EricTRA View Post
Hello,

Haven't gone on that path yet (the user login), so sorry cannot give you an answer from the top of my head.

I seem to remember that there is/was some kind of MySQL patch for Squid but don't quite know what possibilities it offers. You might want to have a look at the mail archive of Squid Users at Mail Archive.

That's a resource that I frequently use because you can communicate with developers from Squid. And if they don't know it, then it's not possible, or has to be programmed.

Hope that helps you out somewhat. When I'm at work Monday, I'll have a look at what I've already gathered in regards to Squid and if something pops out, I'll let you know.

Kind regards,

Eric
Hi
Thanks for the links - the mail archive is as it says - an archive so I have found some mysql auth things on there that I'll look at.
What is the developerslink site as the Mail Archive doesn't seem to have the ability to post?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
configure squid proxy with cc proxy as a parent proxy faisi Linux - Networking 1 08-10-2010 01:16 PM
configure squid proxy with microsoft proxy as a parent proxy nintykola Linux - Software 1 08-28-2007 01:38 AM
Linux Proxy - Squid? turbo_acura Linux - Networking 2 01-29-2005 08:14 AM


All times are GMT -5. The time now is 02:33 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration