> -----Original Message-----
> From: Andrew Pantyukhin [mailto:infofarmer@xxxxxxxxx]
> Sent: Thursday, February 02, 2006 12:42 AM
> To: squid-users@xxxxxxxxxxxxxxx
> Subject: Seamless squid fail-over with requirements
>
>
> We've got several FreeBSD gateways, each redirecting
> http traffic to a central squid cache. The cache is under
> quite a load, so it's taken down for maintenance often
> and hangs not so rarely, too. When bad things happen,
> a perl script on each gateway detects the failure (within
> 5 seconds) and ceases redirections, letting http traffic
> through NAT until the cache goes up again.
>
> This is fine mostly. The thing is a proxy is much nicer
> than plain NAT in many aspects. Also, when squid
> goes down there's an effective 10-15 seconds' gap in
> service, resulting in numerous time-outs, interruptions of
> big downloads and other difficulties.
>
> What I want is to run proxy-only squid on each gateway,
> which should redirect all requests to the central cache. I
> think this way the fail-over will be more seamless.
>
> We've got 2 custom requirements, though:
> 1. The central cache must see the IPs of its clients

Look into http://devel.squid-cache.org/projects.html#follow_xff

> 2. Redirector on the central cache must work

I'm not sure if the XFF patch affects redirectors.

>
> Is there a sane way to do this?
>

Be aware, the central proxy going down is still going to kill in-transit requests (i.e. big downloads will still die). Perhaps a better option would be to add another central server (or two), and load balance between them. That might reduce the likelihood of the central server going down. To the best of my knowledge, seamless hand-off of TCP streams is not possible with Squid.

Chris
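A configuration sketch of the layout discussed in this thread, added here as an example and not taken from either poster. It assumes a Squid release where `follow_x_forwarded_for` is built in (compiled with `--enable-follow-x-forwarded-for`) rather than the 2006 patch; the host name and addresses are constructed placeholders.

```conf
# ---- squid.conf fragment on each gateway (proxy-only child) ----
# Accept the traffic the gateway redirects to its local Squid.
http_port 3128 intercept

# Proxy-only: store nothing locally.
cache deny all

# Send everything to the central cache (placeholder host name).
cache_peer central-cache.example.net parent 3128 0 no-query default
prefer_direct off
nonhierarchical_direct off
# No never_direct rule is set, so new requests can go direct
# while the parent is marked dead.

# Append the real client address to X-Forwarded-For.
forwarded_for on

# ---- squid.conf fragment on the central cache ----
# Only the gateways may assert a client address. Without this
# restriction any client could forge X-Forwarded-For and appear
# in ACLs and logs under an address of its choosing.
acl gateways src 192.0.2.11 192.0.2.12   # constructed addresses
follow_x_forwarded_for allow gateways
follow_x_forwarded_for deny all

# Evaluate src ACLs and write access.log against the address
# taken from X-Forwarded-For instead of the gateway's address.
acl_uses_indirect_client on
log_uses_indirect_client on
```

Whether the redirector on the central cache is handed the indirect address is left open in the reply above and is not settled by this fragment; requests already in transit through the central cache still die when it goes down.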