Security Basics mailing list archives
Re: NAT and webcashing
From: Brian Bruns <bruns () 2mbit com>
Date: Fri, 10 Jan 2003 18:55:47 -0500
At 12:55 AM 1/10/03 -0000, snaqi wrote:
I want to implement WebCashing in my organisation. Q: What is the relationship between NAT and WebCashing?
There isn't really any. They can be used separately, or together. Web caches can be setup in different ways - if you want to run a transparent one, you either put it between the client machines and the internet, or off to the side and have your router redirect all outgoing tcp 80 requests to the cache. If you want to run one where the client has to put in the proxy settings manually, you set it up on a box and give the info to the clients.
Q: How can I run chatt applications and other dynamic sites to be stored in webcash?
Most web proxies won't store dynamic content (from say, a cgi), and most dynamic sites put in a no-cache directive in their headers, which tell the proxy not to cache the data. On top of it all, web proxies will do a HEAD on the document to see if its changed. If it has, then it will just get the updated page for you and send it to you. HEAD is much smaller then GET and saves time - just checks the size and date IIRC.
Q: Any url's for this solution using Linux?
Under linux, easiest way is to use Squid. Squid has instructions on both methods of setup (manual and transparent) and is open source. http://www.squid-cache.org/ I recommend squid for a few reasons - you can put in multiple squid servers to increase how much load it can take, etc.
Q: Any inexpensive hardware box that can do all?
You need alot of RAM and HD space. At least 256MB of RAM, and I'd say at least 10 GB of hard drive space. Need to have a fast hard drive too. CPU speed doesn't matter as much as does the RAM and HD. I've run it on low resources fine too, just that I wouldn't recommend it for any more then 3-4 users. -------------------------------- Brian Bruns Founder, The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.2mbit.com ICQ: 8077511 No spam tolerated. By sending an e-mail to this account, your server may be subjected to an open relay/open proxy test as part of our ongoing efforts to reduce spam.
Current thread:
- NAT and webcashing snaqi (Jan 10)
- Re: NAT and webcashing Brian Bruns (Jan 10)
- Re: NAT and webcashing Devdas Bhagat (Jan 13)