Search squid archive

Re: Reverse Proxy - order of cache_peer_access rules

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 26/06/11 21:41, Oskar Stolc wrote:

Hi,

I am trying to set up a Squid reverse proxy, but it does not want to
work according my expectations.

I am serving two sites:
- www.example1.com
- www.example2.com

I have 3 backend servers:
- 10.0.0.1
- 10.0.0.2
- 10.0.0.3

I want Squid to send the
- www.example1.com queries to server 10.0.0.1
- www.example2.com queries to server 10.0.0.2
- if the query contains an o=16188 HTTP parameter I want Squid to send
it to 10.0.0.3 regardless of domain

Example:
- http://www.example1.com/?a=1&b=2 - goes to 10.0.0.1
- http://www.example2.com/?a=1&b=2 - goes to 10.0.0.2
- http://www.example1.com/?a=1&o=16188 - goes to 10.0.0.3
- http://www.example2.com/?a=1&o=16188 - goes to 10.0.0.3

My configuration looks like this:

acl site1 dstdomain www.example1.com
acl site2 dstdomain www.example2.com

acl ocode_param urlpath_regex o=16188

http_access allow site1
http_access allow site2

http_port 80 accel defaultsite=www.example1.com vhost

cache_peer 10.0.0.1 parent 80 0 no-query originserver name=server1
cache_peer 10.0.0.2 parent 80 0 no-query originserver name=server2
cache_peer 10.0.0.3 parent 80 0 no-query originserver name=server3

cache_peer_access server3 allow ocode_param

cache_peer_access server1 allow site1
cache_peer_access server2 allow site2

cache_peer_access server1 deny all
cache_peer_access server2 deny all
cache_peer_access server3 deny all


The problem is that the queries with o=16188 don't go to 10.0.0.3, but
are routed to 10.0.0.1 or 10.0.0.2 instead (based on domain). Does it
mean the cache_peer_access rules are not "first match first win"
rules? Should I re-order them? How?


Selection is based on cache_peer directive order.
cache_peer_access is just a modifier to prevent particular selection choices being made. 

"server1 allow site1" permits all site1, regardless of ocode_param.
Solution is to either add !ocode_param to each of the server1 and server2 access allows, or move cache_peer for server3 to the top. 

Amos
--
Please be using
  Current Stable Squid 2.7.STABLE9 or 3.1.12
  Beta testers wanted for 3.2.0.9 and 3.1.12.3
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux