Aegis1888 wrote:
Hi Guys,
So I've got pretty far with configuring my installation of squid. I'm
extremely pleased with the progress so far, but one thing is holding me
back. The problem is that I want to direct requests for a particular domain
through to a web server that I have configured internally. I thought I could
simply change an entry in the /etc/hosts file on the server squid is running
on, for example;
198.xxx.xxx.xxx www.hotmail.com
Every request that a browser makes for www.hotmail.com will be resolved by
squid to the ip address 198.xxx.xxx.xxx. However this didn't work. Basically
when I make this change, and make a request for www.hotmail.com, the browser
hangs. But when when i remove this entry from the hosts file the browser is
able to get to hotmail successfully. That tells me that squid is reading the
hosts file, but there is possibly some error in the name resolution.
NOTE: I understand that you have to restart squid for it to see the changes
in the hosts file, as specified in;
http://www.squid-cache.org/Versions/v2/2.6/cfgman/hosts_file.html
Before I go on, I should mention that I am running squid 2.6 on ubuntu
jaunty jackolope. There is a webserver running on the same machine that I've
tried it with and another internal webserver running on a different machine.
In addition I've chained this proxy to a parent proxy that requires
authentication.
Now I am not a network guy, this isn't (usually) my job, its just happened
to have landed on my lap and there's nobody else that can do it (i'm not
bitter). So my understanding of how proxy servers resolve hostnames is
sketchy at best.
IIUC when squid gets a request for a host name it will try to resolve it
against a DNS server. The /etc/hosts file acts as a local DNS server/lookup
for squid. If squid finds an entry for the host name in this hosts file than
it will resolve to this IP address.
However what I'm not sure about is whether the parent proxy will use this ip
address or do its own DNS lookup. I mean does squid send the hostname or the
IP address to the parent? Because this could be a potential problem.
If its the case is the child proxy has a problem with the lookup, how would
I be able to tell?
Also, is this the correct way of assigning a different IP address to a
hostname? Will the hosts file solution suffice? Am I overlooking something?
Do I need a full blown DNS server?
Any help would be greatly appreciated.
Cheers
You can forget hosts for this. DNS is not involved.
Since you are passing everything through a parent proxy. You face the
choice of configuring the parent proxy itself to pass off to the web
server. Via a normal DNS and web request, or via its own cache_peer link.
Or whether to bypass the 'internal' domain requests and pass them
straight to the web server from your Squid without touching the parent
proxy.
The correct way to do that is to add a cache_peer entry for the web
server you are passing things to. Squid is mixing a bit of reverse-proxy
mode with it's normal operations. So the cache_peer + cache_peer_access
parts of this tutorial apply (but not the http_port part and maybe not
http_access parts):
http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18
Current Beta Squid 3.1.0.13
