Classrooms, teaching base, laboratories, computer room about dozens, more than 3,000 networked computers.I have 2 school now exports, a rate of 10M bps, China Education and Research through the optical access network CERNET, the other with a rate of 4M bps into China Telecom.
First, the user's needs:
I am a user of the main school campus for the students and teachers at the school.According to statistics, about 80% of users use the WWW, FTP and other resources.My school has Chinanet ip 126 个, can not be distributed to all users.Achieved by setting up a proxy server to allow all users to use the network resources is the most simple and relatively safe and reliable method.Through the erection of a special WWW (FTP) agent to meet the major needs of users, through the erection of socks5 proxy to meet other needs of users.
Second, the choice of hardware and software
Hardware
Cache Server can be a normal PC server with cache software (such as Squid, Inktomi) composition, it can be hardware and software systems and a dedicated cache server.According to the actual situation of export Chinanet, 4Mbps rate of exports, second largest amount of incoming data about 500K / s.Backbone of our school for dual gigabit connections between nodes, reach the part of the lab is Fast, get quarters for the 10M.Maximum amount of data sent to about 12M / s.The amount of data transmitted is not large, the use of traditional IA32 architecture servers can meet the demand.Network Center of our school computer room with cabinets to store the server.HP LH6000 server, and highly scalable, is the new six-way servers.Proxy server computing load is not heavy, the requirement for higher IO.LH6000 by custom configuration can meet this requirement.By using the raid can improve disk performance and increase the reliability of data.Proxy server software, a larger footprint.LH6000 can support 8GB of memory.Final choice of configuration is as follows:
Configuration
Processor: a 100MHz system bus Intel Pentium III Xeon 700MHz processor
Memory: 1G PC-133 ECC SDRAM
Disk controller: Integrated with 32MB Cache Dual Ultra3 SCSI HP NetRAID controller
Additional Single: Ultra Wide SCSI controller
Built-in Storage: Hot Plug 5x18G half-height drives
LAN: Built-in NIC INTEL 82559 100M
Power: 3 Hot Plug Power Supply
RAID uses RAID5 mode, this mode is written to the disk array data, parity data is stored in each disk array, allowing a single disk errors.RAID 5 is also based on the data parity bit to ensure the security of data, but it is not a separate hard drive to store data parity bit, but the interaction parity data segment stored in each disk.In this way, any damage to a hard disk, you can check under the other bits on the hard drive to rebuild the damaged data.
Software
Squid Internet Object Cache (Harvest Project follow-up version) is great to help a U.S. government research project.Squid is an open source proxy server software.It is a UNIX system running for the full-featured proxy server software.It can be HTTP protocol, FTP protocol, and other ways to use positioning protocol for URL cache.It supports client-side data transfer using SSL protocol.It can use ICP, HTCP, CARP, Cache Digests, and other such agreements and ways to collaborate the server running squid.It supports SNMP protocol, you can use the appropriate software to do the coordination and management.And can configure access control lists in detail (acl).
Operating System
Former school as a proxy server using linux operating system.This is because the former usually doubles as a proxy server to other servers.A lot of server software developed specifically for linux, or linux running on the most efficient.Squid itself is unix-like operating system development.The system itself is not much requirement.At present our school Chinanet proxy server using FreeBSD as the operating system.
Linux has not selected the following reasons:
The core part of the development of Linux is relatively open, FreeBSD is the core of the core team from a strictly done.Relatively more stringent checks.Comparison of the core part of the BSD kernel is more stable.
Linux on the high load carrying capacity than FreeBSD.Program for high load tolerance of error, BSD is far stronger than Linux.
Many well-known sites, such as: yahoo, netease other well-known commercial Web sites that use freebsd, stability and performance of the evaluation already adopted by many experts, is far better than Linux.
In the famous article "Linux vs BSD: A Tale of Two System", is this evaluation Freebsd a: FreeBSD focuses on the Intel Architecture PC and server platforms, and on providing the best performance and stability possible. The DEC / Compaq Alpha isalso supported.
However, there are not as good as Linux Freebsd weaknesses.Mainly on the performance of the disk IO.This is mainly because Freebsd use of performance-UFS file system used on linux as ext2/ext3.But in addition there will be much improved after softupdate.And the use of overseas agents to configure raid5 mode, using the high speed scsi hard disk, in the case of the hardware configuration, read the squid cache size of a small number of k file using ext2 and ufs + softupdate differences in the efficiency of one ten thousandthbelow.Load thousands of users for the proxy server, you can ignore the efficiency of the difference.
For these reasons, the final choice of Freebsd as a proxy server operating system.