Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NAT and webcashing

From: Brian Bruns <bruns () 2mbit com>
Date: Fri, 10 Jan 2003 18:55:47 -0500
At 12:55 AM 1/10/03 -0000, snaqi wrote:


I want to implement WebCashing in my organisation.

Q: What is the relationship between NAT and WebCashing?


There isn't really any.  They can be used separately, or together.  Web
caches can be setup in different ways - if you want to run a transparent
one, you either put it between the client machines and the internet, or off
to the side and have your router redirect all outgoing tcp 80 requests to
the cache.  If you want to run one where the client has to put in the proxy
settings manually, you set it up on a box and give the info to the clients.



Q: How can I run chatt applications and other dynamic sites to be stored in
webcash?


Most web proxies won't store dynamic content (from say, a cgi), and most
dynamic sites put in a no-cache directive in their headers, which tell the
proxy not to cache the data.

On top of it all, web proxies will do a HEAD on the document to see if its
changed.  If it has, then it will just get the updated page for you and
send it to you.  HEAD is much smaller then GET and saves time - just checks
the size and date IIRC.



Q: Any url's for this solution using Linux?


Under linux, easiest way is to use Squid.  Squid has instructions on both
methods of setup (manual and transparent) and is open source.

http://www.squid-cache.org/

I recommend squid for a few reasons - you can put in multiple squid servers
to increase how much load it can take, etc.



Q: Any inexpensive hardware box that can do all?


You need alot of RAM and HD space.  At least 256MB of RAM, and I'd say at
least 10 GB of hard drive space.  Need to have a fast hard drive too.  CPU
speed doesn't matter as much as does the RAM and HD.  I've run it on low
resources fine too, just that I wouldn't recommend it for any more then 3-4
users.


--------------------------------
Brian Bruns
Founder, The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511

No spam tolerated.  By sending an e-mail to this account, your
server may be subjected to an open relay/open proxy test as part
of our ongoing efforts to reduce spam.
Previous By Date Next
Previous By Thread Next

Current thread: