[squid-users] Squid for windows Very slow downloads of large files through squid with normal uploads

Keith Hartley Keith.Hartley at geocent.com
Fri Mar 23 15:48:51 UTC 2018


Yeah, there are some other considerations with this environment. While WSUS is the only service that downloads files in any significant quantity, there were architectural decisions made in the application that this environment hosts which requires the application to have some minimal internet access, which is what caused the need for the proxy. WSUS was originally set up exactly as you described until I learned of the application requirements, and technically it is the only thing that needs a proxy, but I didn't want to set up a different way of accessing the internet for each service that needed access and making it confusing, so went to using a proxy for everything so there would only be one path to the internet.


Keith Hartley
Network Engineer II
khartley at geocent.com
www.geocent.com

-----Original Message-----
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Yuri
Sent: Friday, March 23, 2018 10:41 AM
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Squid for windows Very slow downloads of large files through squid with normal uploads



23.03.2018 21:25, Keith Hartley пишет:
> I had not thought to test that. I will do that today.
>
> In regards to Yuri's comments on firewall vs squid - I don’t agree that a firewall would be a direct replacement in this case.
>
> The 30-40 URIs I need to access resolve to a potential pool of several million IP addresses, and the pool of IP addresses gets updated multiple times per year. Writing rules at the network level would not be practical to implement even one time, let alone maintain over time. A more expensive firewall that is able to implement ACLs by hostname would be needed, and options for virtual firewalls hosted in Azure are limited. It would also require either implementing many static routes, or a transit network with a virtual router, and this environment will be supported by an organization that does not have a network engineer on staff.
It depends. If your make Internet access for servers due to updates - in most cases updates has limited distribution points (of course, we're not considering CDN now). Some cases can be easy solved by server's built-in firewall.

If we're talking about infrastructure, best solution for updates is internal updates server (like WSUS), which only have access to Internet with all security restrictions. You know this better than me ;) Anyway, centralized patch/updates server behind the border firewall is best solution.

But this is, of course, abstract discussion.
>
> I understand that there is very little functionality I need to leverage, but I like Squid, as it is a name that most people in IT will recognize and be able to google.
We're like it too, but Squid's itself is big and relatively complex software, requires much experience to use and not always easy in support. It has a lot of functions and can have very complex configurations. This is why I can't recommend use it in all cases requires proxying/caching without serious reasons.
>
> I may still review privoxy however. If it is simple enough that 
> supporting it would be something easy to just figure out with minimal 
> research, it may still be a good option. I like simple, but high 
> supportability is mandatory
Yes. Privoxy is very simple instead Squid. It is non-caching proxy, which have all functionality you require. It works with hostnames.

Don't worry - you will not require much support for it. It's just works. ;)
>
>
> Keith Hartley
> Network Engineer II
> khartley at geocent.com
> www.geocent.com
>
> -----Original Message-----
> From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] 
> On Behalf Of Matus UHLAR - fantomas
> Sent: Friday, March 23, 2018 3:56 AM
> To: squid-users at lists.squid-cache.org
> Subject: Re: [squid-users] Squid for windows Very slow downloads of 
> large files through squid with normal uploads
>
> On 22.03.18 23:08, Keith Hartley wrote:
>> However on large files I am only getting 115 Kbps sustained download speeds.
> does this happen evben when you try using squid on the mavchine squid is installed?
>
>
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> I drive way too fast to worry about cholesterol.
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
> Confidentiality Notice:
> This email communication may contain confidential information, may be legally privileged, and is intended only for the use of the intended recipients(s) identified. Any unauthorized review, use, distribution, downloading, or copying of this communication is strictly prohibited. If you are not the intended recipient and have received this message in error, immediately notify the sender by reply email, delete the communication, and destroy all copies. Thank you.
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

--
"C++ seems like a language suitable for firing other people's legs."

*****************************
* C++20 : Bug to the future *
*****************************




More information about the squid-users mailing list