DOCSLIB.ORG

Reducing the Disk I/O of Web Proxy Server Caches

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

THE ADVANCED COMPUTING SYSTEMS ASSOCIATION The following paper was originally published in the Proceedings of the 1999 USENIX Annual Technical Conference Monterey, California, USA, June 6–11, 1999 Reducing the Disk I/O of Web Proxy Server Caches Carlos Maltzahn and Kathy J. Richardson Compaq Computer Corporation Dirk Grunwald University of Colorado © 1999 by The USENIX Association All Rights Reserved Rights to individual papers remain with the author or the author's employer. Permission is granted for noncommercial reproduction of the work for educational or research purposes. This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. For more information about the USENIX Association: Phone: 1 510 528 8649 FAX: 1 510 548 5738 Email: [email protected] WWW: http://www.usenix.org Reducing the Disk I/O of Web Proxy Server Caches Carlos Maltzahn and Kathy J. Richardson Compaq Computer Corporation Network Systems Laboratory Palo Alto, CA [email protected], [email protected] Dirk Grunwald University of Colorado Department of Computer Science Boulder, CO [email protected] Abstract between the corporate network and the Internet. The lat- ter two are commonly accomplished by caching objects on local disks. The dramatic increase of HTTP traffic on the Internet has resulted in wide-spread use of large caching proxy Apart from network latencies the bottleneck of Web servers as critical Internet infrastructure components. cache performance is disk I/O [2, 27]. An easy but ex- With continued growth the demand for larger caches and pensive solution would be to just keep the entire cache in higher performance proxies grows as well. The common primary memory. However, various studies have shown bottleneck of large caching proxy servers is disk I/O. In that the Web cache hit rate grows in a logarithmic-like this paper we evaluate ways to reduce the amount of re- fashion with the amount of traffic and the size of the quired disk I/O. First we compare the file system inter- client population [16, 11, 8] as well as logarithmic- actions of two existing web proxy servers, CERN and proportional to the cache size [3, 15, 8, 31, 16, 25, 9, 11] SQUID. Then we show how design adjustments to the (see [6] for a summary and possible explanation). In current SQUID cache architecture can dramatically re- practice this results in cache sizes in the order of ten to duce disk I/O. Our findings suggest two that strategies hundred gigabytes or more [29]. To install a server with can significantly reduce disk I/O: (1) preserve locality of this much primary memory is in many cases still not fea- the HTTP reference stream while translating these refer- sible. ences into cache references, and (2) use virtual memory instead of the file system for objects smaller than the sys- Until main memory becomes cheap enough, Web caches tem page size. The evaluated techniques reduced disk will use disks, so there is a strong interest in reducing I/O by 50% to 70%. the overhead of disk I/O. Some commercial Web proxy servers come with hardware and a special operating sys- tem that is optimized for disk I/O. However, these so- lutions are expensive and in many cases not affordable. 1 Introduction There is a wide interest in portable, low-cost solutions which require not more than standard off-the-shelf hard- ware and software. In this paper we are interested in ex- ploring ways to reduce disk I/O by changing the way a The dramatic increase of HTTP traffic on the Inter- Web proxy server application utilizes a general-purpose net in the last years has lead to the wide use of large, Unix file system using standard Unix system calls. enterprise-level World-Wide Web proxy servers. The three main purposes of these web proxy servers are to In this paper we compare the file system interactions control and filter traffic between a corporate network and of two existing web proxy servers, CERN [18] and the Internet, to reduce user-perceived latency when load- SQUID [30]. We show how adjustments to the current ing objects from the Internet, and to reduce bandwidth SQUID cache architecture can dramatically reduce disk The Fast File System (FFS) [20] divides disk space into I/O. Our findings suggest that two strategies can signifi- blocks of uniform size (either 4K or 8K Bytes). These cantly reduce disk I/O: (1) preserve locality of the HTTP are the basic units of disk space allocation. These blocks reference stream while translating these references into may be sub-divided into fragments of 1K Bytes for small cache references, and (2) use virtual memory instead of files or files that require a non-integral number of blocks. the file system for objects smaller than the system page Blocks are grouped into cylinder groups which are sets size. We support our claims using measurements from of typically sixteen adjacent cylinders. These cylinder actual file systems exercised by a trace driven workload groups are used to map file reference locality to phys- collected from proxy server log data at a major corporate ically adjacent disk space. FFS tries to store each di- Internet gateway. rectory and its content within one cylinder group and each file into a set of adjacent blocks. The FFS does In the next section we describe the cache architectures not guarantee such file layout but uses a simple set of of two widely used web proxy servers and their interac- heuristics to achieve it. As the file system fills up, the tion with the underlying file systems. We then propose a FFS will increasingly often fail to maintain such a lay- number of alternative cache architectures. While these out and the file system gets increasingly fragmented.A cache architectures assume infinite caches we investi- fragmented file system stores a large part of its files in gate finite cache management strategies in section 3 fo- non-adjacent blocks. Reading and writing data from and cusing on disk I/O. In section 4 we present the methodol- to non-adjacent blocks causes longer seek times and can ogy we used to evaluate the cache structures and section severely reduce file system throughput. 5 presents the results of our performance study. After discussing related work in section 6, we conclude with a Each file is described by meta-data in the form of inodes. summary and future work in section 7. An inode is a fixed length structure that contains infor- mation about the size and location of the file as well as up to fifteen pointers to the blocks which store the data of the file. The first 12 pointers are direct pointers while the 2 Cache Architectures of Web Proxy last three pointers refer to indirect blocks, which contain Servers pointers to additional file blocks or to additional indirect blocks. The vast majority of files are shorter than 96K Bytes, so in most cases an inode can directly point to all We define the cache architecture of a Web proxy server blocks of a file, and storing them within the same cylin- as the way a proxy server interacts with a file system. der group further exploits this reference locality. A cache architecture names, stores, and retrieves objects from a file system, and maintains application-level meta- The design of the FFS reflects assumption about file sys- data about cached objects. To better understand the im- tem workloads. These assumptions are based on studies pact of cache architectures on file systems we first re- of workloads generated by workstations [23, 24]. These view the basic design goals of file systems and then de- workstation workloads and Web cache request work- scribe the Unix Fast File System (FFS), the standard file loads share many, but not all of the same characteristics. system available on most variants of the UNIX operating Because most of their behavior is similar, the file system system. works reasonably well for caching Web pages. How- ever there are differences; and tweaks to the way cache objects map onto the file system produce significant per- 2.1 File systems formance improvements. We will show in the following sections that some file Since the speed of disks lags far behind the speed of system aspects of the workload characteristics gener- main memory the most important factor in I/O perfor- ated by certain cache architectures can differ from usual mance is whether disk I/O occurs at all ([17], page 542). workstation workloads. These different workload char- File systems use memory caches to reduce disk I/O. The acteristics lead to poor file system performance. We will file system provides a buffer cache and a name cache. also show that adjustments to cache architectures can The buffer cache serves as a place to transfer and cache dramatically improve file system performance. data to and from the disk. The name cache stores file and directory name resolutions which associate file and directory names with file system data structures that oth- erwise reside on disk. 100 tween disk and memory. A number of Unix File Systems use a file system block size of 8K Bytes 80 and a fragment size of 1K Bytes. Typically the per- formance of the file system’s fragment allocation 60 mechanism has a greater impact on overall perfor- mance than the block allocation mechanism. In ad- 40 Objects (%) dition, fragment allocation is often more expensive 20 than block allocation because fragment allocation usually involves a best-fit search. 0 10 100 1K 10K 100K 1M Popularity The popularity of Web objects follows Object Size (bytes) « =i ª = a Zipf-like distribution ª (where È Æ « ½ ½=i µ i i ´ and is the th most popular Web i=½ Figure 1: The dynamic size distribution of cached objects.
Recommended publications
  • Nvme-Based Caching in Video-Delivery Cdns

    Nvme-Based Caching in Video-Delivery Cdns

    NVMe-Based Caching In Video-Delivery CDNs Thomas Colonna 1901942 Double Degree INSA Rennes Supervisor: Sébastien Lafond Faculty of Science and Engineering Åbo Akademi University 2020 In HTTP-based video-delivery CDNs (content delivery networks), a critical compo- nent is caching servers that serve clients with content obtained from an origin server. These caches store the content they obtain in RAM or onto disks for serving additional clients without fetching them from the origin. For most use cases, access to the disk remains the limiting factor, thus requiring a significant amount of RAM to avoid these accesses and achieve good performance, but increasing the cost. In this master’s thesis, we benchmark various approaches to provide storage such as regular disks and NVMe-based SSDs. Based on these insights, we design a caching mod- ule for a web server relying on kernel-bypass, implemented using the reference framework SPDK. The outcome of the master’s thesis is a caching module leveraging specific proper- ties of NVMe disks, and benchmark results for the various types of disks with the two approaches to caching (i.e., regular filesystem based or NVMe-specific). Contents 1 Introduction 1 2 Background 3 2.1 Caching in the context of CDNs . .3 2.2 Performances of the different disk models . .4 2.2.1 Hard-Disk Drive . .4 2.2.2 Random-Access Memory . .5 2.2.3 Solid-State Drive . .6 2.2.4 Non-Volatile Main Memory . .6 2.2.5 Performance comparison of 2019-2020 storage devices . .6 2.3 Analysing Nginx . .7 2.3.1 Event processing .
  • Poster: Introducing Massbrowser: a Censorship Circumvention System Run by the Masses

    Poster: Introducing Massbrowser: a Censorship Circumvention System Run by the Masses

    Poster: Introducing MassBrowser: A Censorship Circumvention System Run by the Masses Milad Nasr∗, Anonymous∗, and Amir Houmansadr University of Massachusetts Amherst fmilad,[email protected] ∗Equal contribution Abstract—We will present a new censorship circumvention sys- side the censorship regions, which relay the Internet traffic tem, currently being developed in our group. The new system of the censored users. This includes systems like Tor, VPNs, is called MassBrowser, and combines several techniques from Psiphon, etc. Unfortunately, such circumvention systems are state-of-the-art censorship studies to design a hard-to-block, easily blocked by the censors by enumerating their limited practical censorship circumvention system. MassBrowser is a set of proxy server IP addresses [14]. (2) Costly to operate: one-hop proxy system where the proxies are volunteer Internet To resist proxy blocking by the censors, recent circumven- users in the free world. The power of MassBrowser comes from tion systems have started to deploy the proxies on shared-IP the large number of volunteer proxies who frequently change platforms such as CDNs, App Engines, and Cloud Storage, their IP addresses as the volunteer users move to different a technique broadly referred to as domain fronting [3]. networks. To get a large number of volunteer proxies, we This mechanism, however, is prohibitively expensive [11] provide the volunteers the control over how their computers to operate for large scales of users. (3) Poor QoS: Proxy- are used by the censored users. Particularly, the volunteer based circumvention systems like Tor and it’s variants suffer users can decide what websites they will proxy for censored from low quality of service (e.g., high latencies and low users, and how much bandwidth they will allocate.
  • Updating Systems and Adding Software in Oracle® Solaris 11.4

    Updating Systems and Adding Software in Oracle® Solaris 11.4

    Updating Systems and Adding Software ® in Oracle Solaris 11.4 Part No: E60979 November 2020 Updating Systems and Adding Software in Oracle Solaris 11.4 Part No: E60979 Copyright © 2007, 2020, Oracle and/or its affiliates. License Restrictions Warranty/Consequential Damages Disclaimer This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. Warranty Disclaimer The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. Restricted Rights Notice If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs) and Oracle computer documentation or other Oracle data delivered to or accessed by U.S. Government end users are "commercial
  • Tinkertool System 7 Reference Manual Ii

    Tinkertool System 7 Reference Manual Ii

    Documentation 0642-1075/2 TinkerTool System 7 Reference Manual ii Version 7.5, August 24, 2021. US-English edition. MBS Documentation 0642-1075/2 © Copyright 2003 – 2021 by Marcel Bresink Software-Systeme Marcel Bresink Software-Systeme Ringstr. 21 56630 Kretz Germany All rights reserved. No part of this publication may be redistributed, translated in other languages, or transmitted, in any form or by any means, electronic, mechanical, recording, or otherwise, without the prior written permission of the publisher. This publication may contain examples of data used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. This publication could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. The publisher may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Make sure that you are using the correct edition of the publication for the level of the product. The version number can be found at the top of this page. Apple, macOS, iCloud, and FireWire are registered trademarks of Apple Inc. Intel is a registered trademark of Intel Corporation. UNIX is a registered trademark of The Open Group. Broadcom is a registered trademark of Broadcom, Inc. Amazon Web Services is a registered trademark of Amazon.com, Inc.
  • ICP and the Squid Web Cache* 1 Introduction

    ICP and the Squid Web Cache* 1 Introduction

    ICP and the Squid Web Cache Duane Wessels k cla y August 13, 1997 Abstract We describ e the structure and functionality of the Internet Cache Proto col ICP and its implementation in the Squid Web Caching software. ICP is a lightweight message format used for communication among Web caches. Caches exchange ICP queries and replies to gather information to use in selecting the most appropriate lo cation from which to retrieve an ob ject. We present background on the history of ICP, and discuss issues in ICP deployment, e- ciency, security, and interaction with other asp ects of Web trac b ehavior. We catalog successes, failures, and lessons learned from using ICP to deploy a global Web cache hierarchy. 1 Intro duction Ever since the World-Wide Web rose to p opularity around 1994, much e ort has fo cused on reducing latency exp erienced by users. Sur ng the Web can b e slow for many reasons. Server systems b ecome slow when overloaded, esp ecially when hot sp ots suddenly app ear. Congestion can also o ccur at network exchange p oints or across links, and is esp ecially prevalent across trans-o ceanic links that often cost millions of dollars p er month. A common, alb eit exp ensiveway to alleviate such problems is to upgrade the overloaded resource: get a faster server, another E1, a bigger switch. However, this approach is not only often eco- nomically infeasible, but p erhaps more imp ortantly, it also fails to consider the numerous parties involved in even a single, simple Web transaction.
  • Squirrel: a Decentralized Peer-To-Peer Web Cache

    Squirrel: a Decentralized Peer-To-Peer Web Cache

    To appear in the 21th ACM Symposium on Principles of Distributed Computing (PODC 2002) Squirrel: A decentralized peer-to-peer web cache ∗ Sitaram Iyer Antony Rowstron Peter Druschel Rice University Microsoft Research Rice University 6100 Main Street, MS-132 7 J J Thomson Close 6100 Main Street, MS-132 Houston, TX 77005, USA Cambridge, CB3 0FB, UK Houston, TX 77005, USA [email protected] [email protected] [email protected] ABSTRACT There is substantial literature in the areas of cooperative This paper presents a decentralized, peer-to-peer web cache web caching [3, 6, 9, 20, 23, 24] and web cache workload char- called Squirrel. The key idea is to enable web browsers on acterization [4]. This paper demonstrates how it is possible, desktop machines to share their local caches, to form an ef- desirable and efficient to adopt a peer-to-peer approach to ficient and scalable web cache, without the need for dedicated web caching in a corporate LAN type environment, located hardware and the associated administrative cost. We propose in a single geographical region. Using trace-based simula- and evaluate decentralized web caching algorithms for Squir- tion, it shows how most of the functionality and performance rel, and discover that it exhibits performance comparable to of a traditional web cache can be achieved in a completely a centralized web cache in terms of hit ratio, bandwidth us- self-organizing system that needs no extra hardware or ad- age and latency. It also achieves the benefits of decentraliza- ministration, and is fault-resilient. The following paragraphs tion, such as being scalable, self-organizing and resilient to elaborate on these ideas.
  • Performance Guide 3.7.0.123608

    Performance Guide 3.7.0.123608

    Vizrt Community Expansion Performance Guide 3.7.0.123608 Copyright © 2010-2012 Vizrt. All rights reserved. No part of this software, documentation or publication may be reproduced, transcribed, stored in a retrieval system, translated into any language, computer language, or transmitted in any form or by any means, electronically, mechanically, magnetically, optically, chemically, photocopied, manually, or otherwise, without prior written permission from Vizrt. Vizrt specifically retains title to all Vizrt software. This software is supplied under a license agreement and may only be installed, used or copied in accordance to that agreement. Disclaimer Vizrt provides this publication “as is” without warranty of any kind, either expressed or implied. This publication may contain technical inaccuracies or typographical errors. While every precaution has been taken in the preparation of this document to ensure that it contains accurate and up-to-date information, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained in this document. Vizrt’s policy is one of continual development, so the content of this document is periodically subject to be modified without notice. These changes will be incorporated in new editions of the publication. Vizrt may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time. Vizrt may have patents or pending patent applications covering subject matters in this document. The furnishing of this document does not give you any license to these patents. Technical Support For technical support and the latest news of upgrades, documentation, and related products, visit the Vizrt web site at www.vizrt.com.
  • In Computer Networks, A

    In Computer Networks, A

    Practical No.1 Date:- Title:- Installation of Proxy-Server Windows Server 2003 What is proxy server? In computer networks, a proxy server is a server (a computer system or an application program) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request wit hout contacting the specified server. In this case, it 'caches' responses from the remote server, and returns subsequent requests for the same content directly . Most proxies are a web proxy, allowing access to content on the World Wide Web. A proxy server has a large variety of potential purposes, including: To keep machines behind it anonymous (mainly for security).[1] To speed up access to resources (using caching). Web proxies are commonly used to cache web pages from a web server.[2] To apply access policy to network services or content, e.g. to block undesired sites. To log / audit usage, i.e. to provide company employee Internet usage reporting. To bypass security/ parental controls. To scan transmitted content for malware before delivery.
  • Threat Modeling and Circumvention of Internet Censorship by David Fifield

    Threat Modeling and Circumvention of Internet Censorship by David Fifield

    Threat modeling and circumvention of Internet censorship By David Fifield A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor J.D. Tygar, Chair Professor Deirdre Mulligan Professor Vern Paxson Fall 2017 1 Abstract Threat modeling and circumvention of Internet censorship by David Fifield Doctor of Philosophy in Computer Science University of California, Berkeley Professor J.D. Tygar, Chair Research on Internet censorship is hampered by poor models of censor behavior. Censor models guide the development of circumvention systems, so it is important to get them right. A censor model should be understood not just as a set of capabilities|such as the ability to monitor network traffic—but as a set of priorities constrained by resource limitations. My research addresses the twin themes of modeling and circumvention. With a grounding in empirical research, I build up an abstract model of the circumvention problem and examine how to adapt it to concrete censorship challenges. I describe the results of experiments on censors that probe their strengths and weaknesses; specifically, on the subject of active probing to discover proxy servers, and on delays in their reaction to changes in circumvention. I present two circumvention designs: domain fronting, which derives its resistance to blocking from the censor's reluctance to block other useful services; and Snowflake, based on quickly changing peer-to-peer proxy servers. I hope to change the perception that the circumvention problem is a cat-and-mouse game that affords only incremental and temporary advancements.
  • Linux Tips and Tricks

    Linux Tips and Tricks

    Linux Tips and Tricks Chris Karakas Linux Tips and Tricks by Chris Karakas This is a collection of various tips and tricks around Linux. Since they don't fit anywhere else, they are presented here in a more or less loose form. We start on how to get an attractive vi by using syntax highlighting, multiple search and the smartcase, incsearch, scrolloff, wildmode options in the vimrc file. We continue on various configuration subjects regarding Netscape, like positioning and sizing of windows and roaming profiles. Further on, I present a CSS file for HTML documents that were created automatically from DocBook SGML. Also a chapter on transparent proxying with Squid. Copyright © 2002-2003 Chris Karakas. Permission is granted to copy, distribute and/or modify this docu- ment under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license can be found at the Free Software Foundation. Revision History Revision 0.04 04.06..2003 Revised by: CK Added chapter on transparent proxying. Added Index. Alt text and captions for images Revision 0.03 29.05.2003 Revised by: CK Added chapters on Netscape and CSS for DocBook. Revision 0.02 18.12.2002 Revised by: CK first version Table of Contents 1. Introduction......................................................................................................... 1 1.1. Disclaimer .....................................................................................................................1
  • How to Download Torrent Anonymously How to Download Torrent Anonymously

    How to Download Torrent Anonymously How to Download Torrent Anonymously

    how to download torrent anonymously How to download torrent anonymously. Completing the CAPTCHA proves you are a human and gives you temporary access to the web property. What can I do to prevent this in the future? If you are on a personal connection, like at home, you can run an anti-virus scan on your device to make sure it is not infected with malware. If you are at an office or shared network, you can ask the network administrator to run a scan across the network looking for misconfigured or infected devices. Another way to prevent getting this page in the future is to use Privacy Pass. You may need to download version 2.0 now from the Chrome Web Store. Cloudflare Ray ID: 66b6c3aaaba884c8 • Your IP : 188.246.226.140 • Performance & security by Cloudflare. Download Torrents Anonymously: 6 Safe And Easy Ways. Who doesn’t want to know how to download torrents anonymously? The thing is, in order to download torrents anonymously you don’t need to have a lot of technical know-how. All you need to download torrents anonymously is some grit and a computer with an internet connection. The technology world never remains the same. In fact, new development and discoveries come to the surface of this industry every day. They also come into the attention of online users every year. Moreover, this allows us to do much more than we could do in the past, in faster and easier ways. A highly relevant aspect to mention at this stage is that: Now we can also download torrents anonymously from best torrent sites.
  • World-Wide Web Proxies

    World-Wide Web Proxies

    World-Wide Web Proxies Ari Luotonen, CERN Kevin Altis, Intel April 1994 Abstract 1.0 Introduction A WWW proxy server, proxy for short, provides access to The primary use of proxies is to allow access to the Web the Web for people on closed subnets who can only access from within a firewall (Fig. 1). A proxy is a special HTTP the Internet through a firewall machine. The hypertext [HTTP] server that typically runs on a firewall machine. server developed at CERN, cern_httpd, is capable of run- The proxy waits for a request from inside the firewall, for- ning as a proxy, providing seamless external access to wards the request to the remote server outside the firewall, HTTP, Gopher, WAIS and FTP. reads the response and then sends it back to the client. cern_httpd has had gateway features for a long time, but In the usual case, the same proxy is used by all the clients only this spring they were extended to support all the within a given subnet. This makes it possible for the proxy methods in the HTTP protocol used by WWW clients. Cli- to do efficient caching of documents that are requested by ents don’t lose any functionality by going through a proxy, a number of clients. except special processing they may have done for non- native Web protocols such as Gopher and FTP. The ability to cache documents also makes proxies attrac- tive to those not inside a firewall. Setting up a proxy server A brand new feature is caching performed by the proxy, is easy, and the most popular Web client programs already resulting in shorter response times after the first document have proxy support built in.