Kevin Durant
asked on
Best Forward Proxy Server for 5000 concurrent connections
Between Squid Proxy and Apache Traffic Server (ATS) - which one is the better forward proxy server for 5000 concurrent connections to Social Media (non-video, no file downloads) sites (Linkedin, Quora, Facebook, Instagram, Pinterest, Twitter). Due to the personalized & unique nature of user's newsfeeds, I don't believe the caching feature will be that useful for acceleration for this scenario.
Do both solutions require the same resources? Will both solutions easily scale for future growth?
From most posts that I've read, or IT social circles, Squid appears to be more popular, however after seeing the benchmarks at the end of this presentation, my curiosity is open to ATS:
ATS vs Squid Proxy Benchmarks
Do both solutions require the same resources? Will both solutions easily scale for future growth?
From most posts that I've read, or IT social circles, Squid appears to be more popular, however after seeing the benchmarks at the end of this presentation, my curiosity is open to ATS:
ATS vs Squid Proxy Benchmarks
ASKER
Thanks for your reply Arnold. My understanding is that both Squid and Apache Traffic Server have HTTPS and SSL capabilities. But with this enabled, which proxy server will perform better with 5000 concurrent connections now and scale easier for further client growth?
Let's flip the question. What us your expectation.
In order for either to terminate the request, you effectively have to configure your proxy as man in the middle by pushing to the internal clients an internally signed certificate matching any URL .
Since both can be configured as forward and reverse, handling SSL could apply to the reverse, I.e. The SSL connection terminates on the reverse proxy providing for application acceleration by accessing images, static objects on the cache without the need to query the webservers behind it.
HTTPS access in forward proxies when the fluent is configured, the proxy connects the client to the destination, it does not see what the response is.
In HTTPS, the forward proxy acts as a switch board, connecting the requester to the destination ...
In order for either to terminate the request, you effectively have to configure your proxy as man in the middle by pushing to the internal clients an internally signed certificate matching any URL .
Since both can be configured as forward and reverse, handling SSL could apply to the reverse, I.e. The SSL connection terminates on the reverse proxy providing for application acceleration by accessing images, static objects on the cache without the need to query the webservers behind it.
HTTPS access in forward proxies when the fluent is configured, the proxy connects the client to the destination, it does not see what the response is.
In HTTPS, the forward proxy acts as a switch board, connecting the requester to the destination ...
ASKER
Thanks Arnold. I confess, I am not sure what you are asking, but I think it is maybe off topic.
I see many companies that sell proxies to access social media sites, so I know it possible. Here are a few:
http://www.sslprivateproxy.com
http://www.blazingseollc.com
http://stormproxies.com/
My Question: Which is the best proxy server in the market to be used in a commercial environment? (With roughly 5000 simultaneous users/connections)
Is Squid, or ATS, maybe another server the best one or are they exactly the same with no difference in performance under extreme stress? I have a developer who asked me which package to install next week before we move forward, and I haven't seen any data or universal benchmark comparisons available on google.
I see many companies that sell proxies to access social media sites, so I know it possible. Here are a few:
http://www.sslprivateproxy.com
http://www.blazingseollc.com
http://stormproxies.com/
My Question: Which is the best proxy server in the market to be used in a commercial environment? (With roughly 5000 simultaneous users/connections)
Is Squid, or ATS, maybe another server the best one or are they exactly the same with no difference in performance under extreme stress? I have a developer who asked me which package to install next week before we move forward, and I haven't seen any data or universal benchmark comparisons available on google.
There is no caching of HTTPS controls, they connect through
you need to make sure you have the bandwidth to support the data transfers.
Best way to see, setup one of each and that will illustrate the point.
The configuration is such that a request from a client for HTTPS://Facebook.com
Will work as follows the proxy sees the
It initiates a connect Facebook.com:443 and then allows the request from the browser to ve send through the connection to the web server.
HTTPS requires a certificate exchange which can only be done between the client and the server.
The proxy in this case on,y acts to setup the connection.
Proxies forward, act the same way.
It takes about 10 minutes to setup a forward squid proxy
Http protocols can be setup to cache, HTTPS connections can not.
you need to make sure you have the bandwidth to support the data transfers.
Best way to see, setup one of each and that will illustrate the point.
The configuration is such that a request from a client for HTTPS://Facebook.com
Will work as follows the proxy sees the
It initiates a connect Facebook.com:443 and then allows the request from the browser to ve send through the connection to the web server.
HTTPS requires a certificate exchange which can only be done between the client and the server.
The proxy in this case on,y acts to setup the connection.
Proxies forward, act the same way.
It takes about 10 minutes to setup a forward squid proxy
Http protocols can be setup to cache, HTTPS connections can not.
ASKER
Thanks Arnold.
"Best way to see, setup one of each and that will illustrate the point."
I was hoping to find people here that have already installed and benchmarked proxy servers and had some previous experience with different loads of simultaneous connections. Like are there any Pros and Con's of using Squid vs Apache ?
"Best way to see, setup one of each and that will illustrate the point."
I was hoping to find people here that have already installed and benchmarked proxy servers and had some previous experience with different loads of simultaneous connections. Like are there any Pros and Con's of using Squid vs Apache ?
The suggestion is based on what I think is a misconception of functionality. The proxy's work will be to setup a vonnection only.
5000 concurrent users in a web type access is not a measure one can rely on. The metrics is how many requests per second the proxy has to fulfil.
What is your available bandwidth?
The limit in my opinion will be your download bandwidth. Since the requests are usually small, the responses are large.
The example/reference you posted deals with an organization setting up a forward proxy for its internal users.
LAN traffic to proxy over wan to destination.
What other features do you need! Do you need to authorize users to use the proxy, fo you need to meter their data transfers, destination?
5000 concurrent users in a web type access is not a measure one can rely on. The metrics is how many requests per second the proxy has to fulfil.
What is your available bandwidth?
The limit in my opinion will be your download bandwidth. Since the requests are usually small, the responses are large.
The example/reference you posted deals with an organization setting up a forward proxy for its internal users.
LAN traffic to proxy over wan to destination.
What other features do you need! Do you need to authorize users to use the proxy, fo you need to meter their data transfers, destination?
ASKER
What is your available bandwidth? 1 GB Up + 1GB Down at the Data Center
Incoming connections will most likely come from residential ip's, or other data centers.
What other features do you need:
1. Authorization = Yes = username/password or pre-approved IPs
2. Metering Data transfer = No = Completely Open
3. Blocking/Approving Destinations = No = Completely Open
Incoming connections will most likely come from residential ip's, or other data centers.
What other features do you need:
1. Authorization = Yes = username/password or pre-approved IPs
2. Metering Data transfer = No = Completely Open
3. Blocking/Approving Destinations = No = Completely Open
I understand your question in terms of performance, my suggestion deals with ease of use, management.
Squid you would use an external program to determine whether the request is authorized or requires authorization. It is a fairly ... There are many examples of scripts, configs..
Using a database Maria/MySQL postgresql are you setting up a few proxy servers that function as one cluster/loadbalancer?
The further you get into a decision, other considerations would kick in..
A benchmark is fine, but a context to compare accurately. Service to service.
Squid you would use an external program to determine whether the request is authorized or requires authorization. It is a fairly ... There are many examples of scripts, configs..
Using a database Maria/MySQL postgresql are you setting up a few proxy servers that function as one cluster/loadbalancer?
The further you get into a decision, other considerations would kick in..
A benchmark is fine, but a context to compare accurately. Service to service.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
The on,y other possibility, is that when users attempt to access any of these social media, your forward proxy would internally convert the non secure requested URL to HTTPS and would handle URL rewrites
Browser Forward proxy HTTPS requests
Data being sent back replaces HTTPS references back to http ...