Search squid archive

RE: How to deny unmatched/unspecified domains insquid 2.6 under reverse proxy mode?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Henrik,

Few lines in my squid.conf in relation to the reverse proxy mode:

Http_port 80 vhost

Cache_peer 192.168.2.6 parent 8000 0 no-query originserver
Cache_peer 192.168.2.4 parent 8000 0 no-query originserver
Cache_peer 192.168.2.2 parent 8000 0 no-query originserver

Cache_peer_domain 192.168.2.6 www1.mycompany.com
Cache_peer_domain 192.168.2.4 www2.mycompany.com


I took a trace into the code to see why I did not get an error page, the problem appears to be the leftover parent that does not have domain association, 192.168.2.2. The logic in the code returns a match for peer that does not have domain association (in peerAllowedToUse function of neighbors.c) And that is how the parent selection results a match. 

I could enforce the squid.conf to remove parents that are not in-use, or change the logic of peer selection to always return no match for domain that does not parent (initilizing the do_ping to zero instead of zero) Perhaps there is a reason for the current logic or it is simply an undesired side-effect of something else?

Interesting that you mention cache_peer_access. I have not thought about using it. It could be handy for some custom configurations.

Thanks,
Khanh

-----Original Message-----
From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] 
Sent: Tuesday, October 17, 2006 5:28 PM
To: Nguyen, Khanh, INFOT
Cc: Squid List
Subject: Re:  How to deny unmatched/unspecified domains insquid 2.6 under reverse proxy mode?

mån 2006-10-16 klockan 10:14 -0400 skrev Nguyen, Khanh, INFOT:

> I have squid 2.6 on Linux OS. The squid cache is configured in reverse
> proxy mode, means each domain has a mapping web server for objects
> retrieval. For example: objects of www1.mycompany.com will be fetched
> from websever1.mycompany.com, objects of www2.mycompany.com will be
> fetched from webserver2.mycompany.com ... 

Ok.

> For domains that are NOT configured in the cache server, the squid
> cache uses first_up_parent, sometime webserver1.mycompany.com, other
> time webserver2.mycompany.com.

Not in the setups I have done. I end up in "cannot forward request".

How have you configured the mapping above? The 2.6 supposed way is to
use cache_peer + cache_peer_access (or cache_peer_domain).

Regards
Henrik
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux