OneConnect and Proxy/Squid Load Balancing

Firstly, why do you need to have all the school's connections goto the same squid server? Is this an absolute requirement? Or a nice to have?

 

 

Yes, oneConnect COULD help you reduce the number of connections... What it's good at doing is to take X connections from clients and multiplex them on Y connections to the backend server. Where in your scenario, Y < X. You'd get more than 1 connections to the squid. It's basically a way of multiplexing hundreds of clients across fewer connections to the backend (Note that this isn't ALL oneconnect does, but it's the one you want).

 

 

Leaving aside questions of return traffic (Because the LTM will do all this automatically for you), you need to consider the effect of authentication that may occur between the client browser and the proxy (I've seen some scenarios where the webserver only checks the FIRST request and 'assumes' that following requests are the same user... Oops...). You need to get the mask correct for the oneconnect IP address matching too (The only time I really use it is for SSL and bypassing one of the ends that doesn't do HTTP keepalives).

 

 

In order to answer those questions would require a lot more information... e.g. Do you do authentication? And by what method?

 

 

H