Amos Jeffries wrote:
Lyle wrote:
Hi All,
I've been having some trouble getting this setup. Initially I was
following a guide that didn't use a reverse proxy:-
http://news.ycombinator.com/item?id=612419
Which worked great locally, but not for any other computers. So I
figured it was missing a reverse proxy. I've managed to get Squid
installed and running on windows after following:-
http://www.ausgamers.com/features/read/2638752
The issue is configuring it to act as a non caching reverse proxy, I
tried reading:-
http://www.visolve.com/squid/whitepapers/reverseproxy.php
But the internal DNS bits at the bottoms aren't clear and left me at
a loss.
I also read:-
http://wiki.squid-cache.org/SquidFaq/ReverseProxy
But found it difficult to follow.
Here is what I'm trying to achieve:-
I have one public IP, let's call it 100.100.100.100. In my local
network I have multiple machines. Two of them are 192.168.1.10 and
192.168.1.20
On 192.168.1.10 I have Squid installed bound to 127.0.0.1:80 and both
IIS7 and Apache 2.2 on the same machine. Apache bound to 127.0.0.2:80
and IIS 127.0.0.3:80. 192.168.1.20 has Apache bound to port 80.
Apache is serving test1.domain.com and IIS test2.domain.com, Apache
on 192.168.1.20 is serving test3.domain.com.
In my local etc/hosts file I've got:-
test1.domain.com 127.0.0.2
test2.domain.com 127.0.0.3
test3.domain.com 192.168.1.20
Which works great locally.
domain.com is hosted on an external server. I've updated it's DNS
records with a new entry for test1 2 and 3 pointing to
100.100.100.100. If I ping any of them it get 100.100.100.100
All I need is the squid config to get the incoming requests and
forward to the correct local server based on domain name. But I just
can't seem to get my head around it, or find any straight forwards
guides online.
Pls help :(
Hi Lyle,
That first tutorial seems to omit any info what its goal really is
and has confused you terribly.
Your Squid should _NOT_ be one of the apps listening on 127.0.0.*
127.0.0.* access is a private range only available to programs running
on the same machine. When you have a public-facing Squid reverse proxy
on the same machine for two web servers it makes sense to place the
web servers on 127.*. But the Squid still has to be listening on
192.168.1.20 or 100.100.100.100.
Setup your Squid like this to handle multiple virtual-hosted domains:
http://wiki.squid-cache.org/ConfigExamples/Reverse/VirtualHosting
and add these bits to it for handing multiple web servers:
http://wiki.squid-cache.org/ConfigExamples/Reverse/MultipleWebservers
Note that with dstdomain ACL and others Squid does not need to use DNS
to figure out which web server each requests goes to. So hosts file is
not used.
The public-facing DNS should of course point all domains the three
software service at the Squid listening IP so people can access them.
Amos
Thanks Amos,
I've followed those pages and managed to get it working :) The only
things I'll note for anyone else that finds this post are:-
* The order in which the conf appears is very important.
* To allow anyone in to view http from the internet:-
#http_access deny all
http_access allow all
* If people can't get in from the internet check your firewall and open
port 80
Lyle