Search squid archive

Re: Squid reverse with two web servers in different TCP ports

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, 16 Feb 2010 20:02:34 -0300, "Alejandro Facultad"
<alejandro_facultad@xxxxxxxxxxxx> wrote:
> Dear all, I have Squid 2.7 configured with reverse mode. I have two web 
> sites:
> 
> OWA (webmail): 10.2.2.1 in port 80
> Intranet: 10.2.2.2 in port 44000
> 
> Squid with OWA is working perfectly, but when I add to the squid.conf
the 
> lines for Intranet, the Intranet site does not respond (requests don't
> reach 
> the Squid box apparently).
> 
> This is my config, taking into account Squid has the IP 10.1.1.1 and
it's 
> listen in port 80:
> 
> http_port 10.1.1.1:80 accel defaultsite=www.owa.gb
> 
> cache_peer 10.2.2.1 parent 80 0 no-query originserver login=PASS 
> name=owaServer
> 
> cache_peer 10.2.2.2 parent 44000 0 no-query originserver name=intRanet
> 
> acl OWA dstdomain www.owa.gb
> acl Inet dstdomain www.intranet.gb
> 
> cache_peer_access owaServer allow OWA
> cache_peer_access intRanet allow Inet
> 

You should also prevent requests crossing over between these two peers
explicitly.

  cache_peer_access owaServer deny all
  cache_peer_access intRanet deny all

> never_direct allow OWA
> never_direct allow Inet
> 
> http_access allow OWA
> http_access allow Inet
> 
> http_access deny all
> 
> miss_access allow OWA
> miss_access allow Inet
> miss_access deny all
> 
> In the testing PC, both www.owa.gb and www.intranet.gb point to 10.1.1.1

> (Squid IP), and all the routing is OK.
> 
> After that, I have logs from OWA access but I haven't any log from
> intranet 
> access at all in the /var/log/squid/access log file.
> 
> Can you tell me why Squid doesn't work with my second web site on port
> 44000 
> ???

You will need to add "vhost" to the existing http_port line to handle
multiple domains now regardless of what else the fix requires.

Also check:

 * Does the LAN DNS point at Squid?

 * Do the LAN clients know that its now normal port 80 to access the
internal site?
   You can avoid transition problems by temporarily adding:
      http_port 10.1.1.1:44000 accel vhost defaultsite=www.intranet.gb

 * Now that you are serving both websites do you still want www.owa.gb to
be the default one visited? (defaultsite=)

Amos
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux