On Fri, Aug 14, 2009 at 5:15 PM, Matus UHLAR - fantomas<uhlar@xxxxxxxxxxx> wrote: <snip> > Squid ignores the original destination of connection in order to provide > correct content. Many servers provide the same (their own) content > independently on what Host: you ask for, so the cache would get filled with > incorrect content. That's one of downfalls when using inctercepting proxy. Hi Matus, Thanks for taking the time to reply. I don't understand the point you made above. In any case, I asked the same question on #squid and Henrik Nordstrom pointed out that we can work around this problem by using the source IP address for redirection, rather than the destination address. We've been using this successfully for the last couple of days. The only downside is that our two Squid caches now contain duplicate objects. We're going to see if we can modify the Squid source to use the requested destination IP address rather than looking it up again. I'll post here if we make any progress. <snip> > avoid using the proxy or explain why do you see different host than squid > does... It's caused by DNS host records with multple IP addresses (commonly used for load balancing eg on the akmai network). When the client looks up the host, it gets one IP address, and when Squid then does a DNS lookup shortly afterwards it receives a different IP address. richard@largo:~$ dig assets.macys.com A +short assets.macys.com.edgesuite.net. a796.b.akamai.net. 80.157.169.145 80.157.169.195 richard@largo:~$ dig assets.macys.com A +short assets.macys.com.edgesuite.net. a796.b.akamai.net. 80.157.169.195 80.157.169.145 This causes the Cisco router to redirect the response to the other Squid server which just drops it. -RichardW.
