ons 2008-12-03 klockan 20:09 -0200 skrev Lucas Brasilino: > I'm getting puzzled with routing requests with Squid 2.7STABLE5 and how > 'always_direct' and 'never_direct' works. always_direct allow means that this Squid MUST NOT use any cache_peer while forwarding the request, instead it must go to the requested server. never_direct allow (unless always_direct allow is also in effect) means the opposite. That this Squid MUST use a cache_peer while forwarding the request and MUST NOT go directly to the requested server itself. > Basically I'd > like to route a requests with a specific extension to another squid > instance, including requests to your domain, or only outside requests? I guess this was answered by your config example.. requests for foo.bar.com with specific extensions. > requests to my domain to go directly and outside > requests go through my parent proxys. > acl bar dstdomain .bar.com > acl foo dstdomain foo.bar.com > acl caching_tier2 url_regex -i (\.css|\.jar|\.png|\.gif|\.jpg|\.js)$ > cache_peer_access tier2 allow caching_tier2 foo > cache_peer_access tier2 deny all > always_direct allow !caching_tier2 bar > never_direct allow all Here is a slight mismatch. To tier2 you send only caching_tier2 in foo.bar.com but you allow the following going direct !caching_tier2 in .bar.com This means that caching_tier2 in .bar.com except for foo.bar.com will go to the parent proxies as it's not allowed to go direct, not allowed to go via tier2 and not excluded from going via the parents. Additionally > cache_peer_access proxy1 deny caching_tier2 foo says that any requests in bar except for foo or where always_direct is in effect may be sent via the parents, which further adds to the confusion.. > Since 'allow' match of 'always_direct' goes directs, any request to > domain 'bar.com' which doesn't matches > 'caching_tier2' ACL should go direct. But what is happening is: > > request to http://foo.bar.com/something.jpg => routed to tier2 => OK > request to http://other.bar.com/<anything> => routed to parents => NOT OK! > request to http://outside.world.com/<anything> => routed to parents => OK! > > So...Where am I messing things up ?? :-) Probably you want cache_peer_access tier2 allow caching_tier2 foo never_direct allow caching_tier2 foo cache_peer_access proxy[1234] allow !bar [repeat per proxy1234] never_direct allow !bar which says that caching_tier2 in foo.bar.com must go via tier2 (excluded from proxy[1234] as foo is also in bar) anything except .bar.com must be sent to the parents. .bar.com except caching_tier2 goes direct as they are excluded from both tier2 and the parents. Regards Henrik
