Thanks Amos for your reply, but I have some confusion (see below)
On 11/10/2011 8:06 PM, Amos Jeffries wrote:
On 11/11/2011 12:00 p.m., Wilson Hernandez wrote:
Hello List.
I would like to know how I can use two squid servers to redirect
traffic for an especific page through the second squid server
connected to a different provider.
For ie:
squid2 ---- provider 1 (used for facebook.com
ONLY)
|
lan ---------------- |
|
squid1 ---- provider 2 (default server used
for everything except facebook)
I need to know how to use squid2 as a slave and what configuration do
I need on squid1 (master) in order for me to accomplish my task or
the rules need to be done with iptables?
The term master/slave terms may be where you are getting into trouble.
In HTTP terminology there are "parent/child" and "sibling"
relationships only. The parent/child relationship is a little
different from master/slave concept due to the two-way nature of the
data flow. Child is master of the request flow and slave for the
reply flow. Parent is master of the reply flow and slave for the
request flow.
If I interpret your message right you are asking about squid2 as
parent, squid1 as child. Nothing special for squid2 config. This would
be the config for squid1:
# link squid1 to parent (data source) squid2
# see http://www.squid-cache.org/Doc/config/cache_peer/ for the
actual text
cache_peer squid2 parent ...
So, this would go in squid1:
cache_peer squid2's-ip parent
This confuses me somewhat because i thought squid1 would be the squid2's
parent since squid1 would be the default for everything and it will send
request to squid2 for facebook traffic responding back to squid1 and
squid1 responding to the client (please, correct me if I'm wrong).
So, still all the LAN traffic would hit squid1... wouldn't this be the
same as I have it now? I would like to see if facebook traffic gets
better in our LAN....
# specify that only facebook.com requests goes to squid2
acl FB dstdomain .facebook.com
cache_peer_access allow FB
cache_peer_access deny all
# specify that squid1 MUST NOT service facebook.com requests itself
never_direct allow FB
Thanks.
Alternatively you maybe could also do this with only one Squid server
by marking packets for facebook.com requests with tcp_outgoing_tos or
tcp_outgoing_address which the OS layer routing detects and sends to
provider 1 interface and blocks from accessing provider 2.
Amos
