Search squid archive

Re: Squid 3.1.x and Kemp loadbalancer.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 20.06.2012 22:40, Josef Karliak wrote:
Hi there,
  we use Kemp loadbalancer for balancing proxy (active-backup). All
users has set IP of kemp loadbalancer. But in the squid access_log is
IP of the loadbalancer, I want there an IP of the user that is
accessing the web pages (we use webalizer for analyzing top browsing
users).
  My logformat defined in squid.conf:
logformat combined %>a %ui %un [%{%d/%b/%Y:%H:%M:%S +0000}tl] \
"%rm %ru HTTP/%rv" >Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh

  Do I've some bad variable in the logformat ?


Your format is accurate.

The kemp load balancer apparently operates in one of two ways:

layer 4, using NAT alteration of packets before delivery to the Squid box. The real clients addresses are gone. There is no recovery possible.

layer 7, using a proxy which itself makes HTTP requests through Squid. So it is the one and only *client* to Squid. It *might* be able to set X-Forwarded-For headers and inform Squid about the clients original IP address. If so configure:

  acl kemp src ... IP of kemp load balancer(s)
  follow_x_forwarded_for allow kempID
  follow_x_forwarded_for deny all



NOTE: You have the alternative option of active-passive load balancing in a PAC file which is performed directly in the client browser.


Amos



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux