Pandu E Poluan wrote:
Nope.
acl fastsites dstdomain 206.190.39.216
Still result in the "Unable to forward this request" error.
I'm a bit stumped here... how to prevent ProxyB and ProxyC from
forwarding that IP address?
Just FYI, here's a snippet of ProxyB's squid.conf:
# snippet of ProxyB squid.conf
#
# This is ProxyC
cache_peer 172.31.160.99 sibling 3128 4827 htcp
# And this is ProxyA
cache_peer 172.31.2.103 sibling 3128 4827 htcp weight=2 allow-miss
#
# ProxyA selectively becomes parent for these domains
neighbor_type_domain 172.31.2.103 parent .yahoo.com .yimg.com
.yahooapis.com
neighbor_type_domain 172.31.2.103 parent .google.com .google.co.id
.gmail.com
#
acl fastsites dstdomain .yahoo.com
acl fastsites dstdomain .yimg.com
acl fastsites dstdomain .yahooapis.com
acl fastsites dstdomain .google.com
acl fastsites dstdomain .gmail.com
#
never_direct allow fastsites
Perhapse you need to add:
shared:
acl fuIps dst 206.190.39.216
proxyC:
cache_peer proxyB deny fuIps
cache_peer proxyA allow fuIps
never_direct fuIps
proxyB:
cache_peer proxyC deny fuIps
cache_peer proxyA allow fuIps
never_direct fuIps
proxyA:
always_direct fuIps
cache_peer 172.31.160.99 allow !fastsites !fuIps
cache_peer 172.31.2.103 allow !fuIps
As you can see, I don't specify 206.190.39.216 in never_direct or
neighbor_type_domain, but ProxyB still forwards requests to
206.190.39.216 toward ProxyA.
sometimes, on a weighted basis. sometimes it will try direct, and
sometimes through proxyC. mayhap its netdb is recording the proxyA as
best route when proxyC says it goes through proxyA as well.
I'm not sure I want to put those addresses in always_direct ... beats
the purpose of Squid mesh (between ProxyB and ProxyC), IMO.
Yes this is setting up a break in the mesh.
But for the
life of me, I still can't figure out how to make ProxyA receive those
forwards.
That is what never_direct and cache_peer_access do at proxyB and proxyC.
Rgds.
[p]
Amos Jeffries wrote:
Pandu E Poluan wrote:
Hi all!
I've configured my proxies correctly, and now they work as expected.
* Requests to fast sites get forwarded to ProxyA, which uses FastInet
* Other requests gets handled directly by ProxyB and ProxyC, which
uses SlowInet
There's a problem, however, that recently cropped up.
I've added ".google.com" and "mail.yahoo.com" as a fast sites.
Accesses to Google and Yahoo Mail (mail.yahoo.com) gets accelerated,
as expected.
However, when trying to access the Google cache, apparently the URL
uses an IP address instead of a domain name, e.g. "72.14.192.66"
Same situation happened when accessing an attachment in Yahoo Mail,
it uses an IP address instead of domain name, e.g. "206.190.39.216"
I keep getting errors:
===== Error message snip =====
The following error was encountered:
* * Unable to forward this request at this time. *
This request could not be forwarded to the origin server or to any
parent caches. The most likely cause for this error is that:
* The cache administrator does not allow this cache to make direct
connections to origin servers, and
* All configured parent caches are currently unreachable.
===== Error message snip =====
I think ProxyB and ProxyC somehow performed a reverse DNS, and
forwards the IP-address-based requests to ProxyA, while ProxyA only
allows explicit URLs in its miss_access directive.
I've tried editing the ProxyA's squid.conf like follows:
#snippet of ProxyA squid.conf
acl fastsites dstdomain .yahoo.com
acl fastsites dstdomain .yimg.com
acl fastsites dstdomain .yahooapis.com
acl fastsites dstdomain .google.com
acl fastsites dstdomain .gmail.com
acl fastsites dstdomain 206.190.39.216
#
acl fastsites_ip dst 72.14.192.0/18
acl fastsites_ip dst 206.190.39.216
#
miss_access allow fastsites
miss_access allow fastsites_ip
miss_access deny siblings
But to no avail.
Any suggestions?
Does adding the IP-text "206.190.39.216" to the dstdomain ACL work?
Squid should try an exact text match before doing rDNS.
Otherwise you may be stuck with an url_regex pattern for those.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
Current Beta Squid 3.1.0.7
