On Wed, 2008-06-11 at 13:15 +1200, Amos Jeffries wrote: > > You need a cache_peer for each unique source (the app server and the > upstream proxy.) > Chris has already pointed you at cache_peer_access. That with a few > dstdomain ACL can route the app requests to the app peer and the rest at > the parent proxy. > > Using a cache_peer for the app server drops any need for special DNS or > hosts file config. Everything happens at one place inside the squid.conf. > > > Amos Thanks Amos + Chris! I didn't like putting in fake DNS entries anyway, so this way is much cleaner. For the archives, I have a 'edge' squid proxy, which can access the internet, and an internal Apache reverse proxy serving versions of our public websites for testing. I added an internal squid proxy, which sends requests for the 'testing' versions of the websites to the internal Apache reverse proxy, and requests for other sites onto the edge squid proxy. For the archive, the configuration is surprisingly simple: acl tested_sites dstdomain www.foo.com acl tested_sites dstdomain svc.foo.com (etc) cache_peer edge-proxy.internal parent 3128 0 proxy-only default cache_peer apache-reverse-proxy.internal parent 80 0 cache_peer_access edge-proxy.internal deny tested_sites cache_peer_access apache-reverse-proxy.internal deny !tested_sites Thanks again Tom
Attachment:
signature.asc
Description: This is a digitally signed message part
