7

We are a ISP in Africa (bandwidth is expensive, more than 800 USD per Mbit). Instead of investing in more bandwidth I believe it can be worthy to invest on web proxy appliance.

I prefer to use mature appliances instead of opensource tools. BlueCoat or BarracudaNetworks are my first possibilities.

We have currently 50 Mbits and we plan until the end of the year to have 100 Mbits, we're growing considerably.

My questions are:

  1. Which Proxy/Cache appliance do you recommend? Preferable to have 2 on load balance or failover.
  2. How does "Web acceleration proxy" works?
John Gardeniers
  • 27,262
  • 12
  • 53
  • 108
Andre
  • 1,333
  • 4
  • 18
  • 31
  • 3
    I know for a fact that Barracuda Networks relies heavily on open source software and operating systems (Linux). Don't be so sure to count out Squid. – gravyface May 02 '11 at 22:34

2 Answers2

11

I suggest you reevaluate your reasons for wanting to go the commercial route rather than using an opensource solution such as Squid.

Squid is used by many large ISPs worldwide and is quite likely the most mature web cache and proxy available. Apart from the cost benefit of not requiring any license fees, Squid has an active community and hundreds of code snippets for different type of configurations. It's also easily expandable, allowing for features such as content manipulation (eg. automatically removing adverts) and even live file scanning to prevent malicious software from being passed along to your users.

Squid also allows for clustering to facilitate load balancing and high availability, and additionally, content routing allows you to create a hierarchical network of proxy servers to serve up content based on your own requirements, such as the varied geographic distribution of your clients.

Many commercial solutions claim higher content caching ratios, but be warned, these higher cache ratios are almost always at the cost of breaking web standards. HTTP headers contain directives specifying information such as expiry dates and whether to allow the object to be cached, as well as a number of other headers which influence caching. Ignoring these headers will break HTTP standards, and content which should be served up dynamically may break as a result of a cached item being served from the proxy server rather than fresh content from the originating web server. Having said this, Squid does allow you to fine-tune cache parameters, allowing you to go so far as to completely override parameters such as 'no-cache' and expiry headers, although going this route is generally not recommended.

I'm also based in Africa, and the value provided by Squid is in most cases quite immense, especially in areas limited to dial-up or low-speed DSL services. Take a look at the Why page on the Squid website for some more compelling reasons.

Richard Keller
  • 2,270
  • 2
  • 18
  • 31
  • 1
    +1, I have to 100% back this suggestion. Squid is not the kind of open source software that people use because it's free, it's the kind that gets used because it's the best. Sort of like Apache, its the standard setting player in it's field. I've implemented it on every level from my home desktop with one client to a 10k ISP and found it to be solid and problem free at every level. – Caleb May 03 '11 at 07:38
3

I used Squid on ISP level, back in 2002. If you have routers that support WCCP you can use multiple hierarchical Squid servers (siblings) and provide high availability. WCCP also knows when the backends are down and in this case the requests continue to go through, what is a good thing that may not happen if you use a transparent proxy alternative.

Web acceleration proxy is just a name for proxy work: it accelerates the connections by serving recently accessed content from a nearer point (the proxy) instead from the original site, so making it faster.

coredump
  • 12,573
  • 2
  • 34
  • 53