On 30/03/2013 2:26 a.m., C. Pelissier wrote:
Hi,
How can I configure squid (direct proxy) to redirect to another parent
proxy only if requested url hostname DNS resolves to a particular
network (for example 125.0.0.0/32).
With
cache_peer PARENT-PROXY-IP parent 3128 0 proxy-only no-query
all requested client url are redirected to PARENT-PROXY:3128
Example
If requested url is http://www.fujitsu.com and
www.fujitsu.com solve to 125.x.y.z how to tell squid to use cache_peer
and never use it when requested url does not belong to 125.0.0.0/32 IP range.
The answer to your question is: by using a ACL of type dst.
However, there are a few problems involved:
1) domains often have more than one IP address. You will find dst
matches if *any* of the DNS results produce a matching IP. Whether or
not that destination IP is actually used.
2) dst ACL is a "slow" category ACL since it often requires DNS delays.
cache_peer_access is a "fast" type access check which does not wait for
those DNS results to come back.
- You will need to configure the ACL to be tested on in one of the
slow access checks before peer checking, eg http_access in
adapted_http_access.
Amos
