> Looks to me like a mistake in testing URI: > http://box4_test_eth0/index21.html I'm sorry, I forgot about the load balancer component of my architecture. I do understand the uri must be consistent across squid nodes. I have updated my architecture diagram here:http://www.exponentialent.com/squid/squid%20example.jpg. I've also uploaded an access attempt to the load balancer here: http://www.exponentialent.com/squid/load_balancer_access_attempt.txt. My understanding is that since the URI is the same for both squid nodes when coming through the load balancer that the squid cache should work properly, even though hostnames are being used instead of DNS. I assume this to be the case because my current configuration works perfectly if I remove CARP from my squid installs. Each squid box simply caches the same objects instead of distributing the cache. This sounds like a CARP problem, not a DNS/Apache problem to me. > If apache knows its supposed to be authoritative for the domain > "box4_test_eth0" things would be okay. But I suspect its not. Apache does not know what domains it is authoritative for. I am not running DNS in my test cluster, instead I am simply using the /etc/hosts file: # 10.0.3.1 box1_test_eth0 # 10.0.3.2 box2_test_eth0 # 10.0.3.3 box3_test_eth0 # 10.0.3.4 box4_test_eth0 # 10.0.3.7 box5_test_eth1 # 10.0.3.8 box6_test_eth1 # 10.0.3.5 box7_test_eth0 # 10.0.3.6 box8_test_eth0 However, if I remove CARP the squid nodes work perfectly so that makes me think that the apache server's current configuration is ok for these tests, otherwise I would still get 403 errors with carp removed. > Also there is a forwarding loop going on to confuse things further. I noticed that: # X-Cache: MISS from box7_test_eth0 # X-Cache-Lookup: MISS from box7_test_eth0:80 # X-Cache: MISS from box4_test_eth0 # X-Cache-Lookup: MISS from box4_test_eth0:80 # X-Cache: MISS from box7_test_eth0 # X-Cache-Lookup: MISS from box7_test_eth0:80 How should my two squid boxes be configured? As you can see in my configurations, they both reference one another as carp peers: # Box4 config: # cache_peer box7_test_eth0 parent 80 0 carp weight=1 # Box7 config: # cache_peer box4_test_eth0 parent 80 0 carp weight=1 > Note that the mediawiki guys have two layers of Squid. The routing layer and > the caching layer. The routing layer are the ones configured saying CARP > each parent on the caching layer. The caching layer are configured saying > peer from apache. Only 'parents' at each level going upwards. I did notice that, I wasn't sure about the exact relationship between the two squid layers was so I decided I would go with one layer of CARP for now (with a load balancer in front), and if that turns out to be inadequate I would look into an alternate solution. > Your single-layer setup needs the squid to be _siblings_ (carp should work > the same between siblings as between parents). With only the apache as > 'default' parent. I had tried that before, but that doesn't work: I changed 'parent' to 'sibling' in my box4 conf file, then restart squid and get this: # box4_testcluster# /usr/local/etc/rc.d/squid restart # Starting squid. # FATAL: parse_peer: non-parent carp peer box7_test_eth0/80 # ... # box4_testcluster# Plus, in the book I purchased "Squid, the definitive guide" on page 178 under the CARP protocol it says that carp nodes must all be defined as parents, not siblings. It gives a fragmented CARP peer configuration example showing parent as the specified keyword in all carp nodes, too. Thanks for your suggestions thus far, if you have any more ideas on where I could put effort that would be great :) -Rob Williams On Wed, Aug 6, 2008 at 7:13 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > Adrian Chadd wrote: >> >> First thing to note - if you're going to use Squid-3.0, at least use >> the most recent Squid-3.0.STABLE snapshot. >> >> Second thing to note - the wikimedia guys are using Squid-2.6 at the >> present time; perhaps the CARP support is slightly different between >> 2.6/2.7 and your Squid-3.0 snapshot. > > Possibly. Though the latest 3.0.STABLE8 has the same CARP. > > Looks to me like a mistake in testing URI: > http://box4_test_eth0/index21.html > > If apache knows its supposed to be authoritative for the domain > "box4_test_eth0" things would be okay. But I suspect its not. > > Also there is a forwarding loop going on to confuse things further. > > Note that the mediawiki guys have two layers of Squid. The routing layer and > the caching layer. The routing layer are the ones configured saying CARP > each parent on the caching layer. The caching layer are configured saying > peer from apache. Only 'parents' at each level going upwards. > > Your single-layer setup needs the squid to be _siblings_ (carp should work > the same between siblings as between parents). With only the apache as > 'default' parent. > > Also; > DNS needs to be configured for a test domain pointing at the squid IP. This > domain name needs to be configured in apache as the public FQDN being > served. Maybe in squid as the defaultsite= , but not as any of the server > names. It definately MUST be the domain used in testing URIs. > > Amos > -- > Please use Squid 2.7.STABLE3 or 3.0.STABLE8 >
