Forum Discussion

hc_andy_35682's avatar
hc_andy_35682
Icon for Nimbostratus rankNimbostratus
Mar 22, 2010

OneConnect and Proxy/Squid Load Balancing

Hi All,

 

 

We provide proxy services (http/https) to a large number of schools (each with their own static IP). Each school can have 1000's of connections to the virtual server at any time.

 

 

What we have is a a large squid (proxy) cluster and in front of that is the F5 doing least conns with source address persistence. Each pool member also has a 4000 max conns limit. What we're finding is that several of our squid servers are reaching their max conn limit.

 

 

1/ When the max conn limit is reached, will the client (school) request be served by another available pool member taking into consideration that we have source address pesistence enabled so the client (school) is expecting to hit the same pool member all the time? If the client (school) is served by another pool member, wouldn't this then break the source address persistence?

 

 

2/ Would something like a OneConnect profile help us reduce the number of connections from the LTM to the squid cluster. I've read up on it but not 100% sure how it applies in a squid/proxy environment.

 

 

Is this like having one big pipe (tcp connection) from the LTM to the squid box say for school 1's incoming connections, so that all new connections from school 1 uses that big pipe. What about the return traffic from the squid box back to the school? Is it still returning traffic via this big pipe or does it need to create a new tcp connection for the return traffic?

 

 

Thanks.

 

 

Andy

31 Replies