[squid-users] [EXTERNAL] FreeBSD 12 thousands connections

Tue Mar 21 22:08:21 UTC 2023

Hey,

I know that the choice was made to use FreeBSD 12...
But I can suggest to use Linux and not FreeeBSD.
I have not tested this for a very long time but the last time I checked Linux was handling network traffic better then FreeBSD.
I also believe that if you would have any issues, you would be able to get better support on a Linux rather than FreeBSD.

Also, it is really important to know if you will be intercepting traffic in a TPROXY or NAT mode.
And the most important thing is to know that you will be facing a testing and integration period.
You might expect your 3k clients to use only 12k connections max but it's plausible to assume that it will
be much more when there would be load on the network.
Assuming a client will use Firefox, it has a pool of 6 connections per server and 900 maximum connections for the browser.
If you will take a simple website like yahoo or any other modern site you will face multiple servers for the same page..
which means that the connections per client will be more than double 4.

So, my recommendation is to take a Linux system either Debian, Ubuntu, CentOS, Alma, Oracle, Other
and use the machine only as a Router to see the number of connections you have on the network on peak hours.
If you do have another device on the network that is capable of providing the statistics for web (ports 80 and 443)
connections feel free to use that to make sure that your capacity planning is accurate.

Yours,
Elezer

----
Eliezer Croitoru
NgTech, Tech Support
Mobile: +972-5-28704261
Email: ngtech1ltd at gmail.com
Web: https://ngtech.co.il/
My-Tube: https://tube.ngtech.co.il/

-----Original Message-----
From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of Periko Support
Sent: Monday, 20 March 2023 20:23
Cc: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] [EXTERNAL] FreeBSD 12 thousands connections

This will be MITM Transparent Proxy.
No User Auth.
Thanks for your help.

On Mon, Mar 20, 2023 at 11:08 AM Joey Officer <JOfficer at istreamfs.com> wrote:
>
> Will the users require authentication?  Depending on what authentication is active, you'd probably want to increase the minimum amount of auth helpers to satisfy the requests.
>
> That said, you really haven't given enough information about your specific use.
>
> -----Original Message-----
> From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of Periko Support
> Sent: Monday, March 20, 2023 12:38 PM
> To: squid-users at lists.squid-cache.org
> Subject: [EXTERNAL][squid-users] FreeBSD 12 thousands connections
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
> Hello guys.
>
> I 'm going to run a squid-proxy for around 3000 users simultaneously.
>
> The server is a Supermicro Intel 8 cores with 64GB RAM, SSD disk, I will not enable caching.
>
> The switches are 1GB HP.
>
> Any recommendations for this deployment that could help tuning my FreeBSD 12.3 box to take into consideration?
>
> Thanks all for your time!!!
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users