On 21/08/2013 1:17 a.m., Mohsen Dehghani wrote:
Hi team I have already implemented tproxy + L2 wccp and it works perfectly except one: squid just uses one cpu(core) and other cores on a DELL R710 are wasted. I have about 140 Mbps traffic and it utilizes 50% of one core. When decided to run multicpu squid using this help: http://wiki.squid-cache.org/ConfigExamples/MultiCpuSystem I noticed that the backend receives the requests with the ip address of frontend(127.0.0.1). As my squid machine do not have any public ip ( I just used tproxy before ) so it cannot get the request and forward it to the frontend. It means the backend does not spoof the client ip. My question is how can I force the backend to use the client ip address to get request from internet servers? My squid version is 3.3.8 My machine does not have any public IP
With 3.3 series you are likely to find http://wiki.squid-cache.org/Features/SmpScale workers are better than separate Squid instances. The config file is far simpler and being a single layer the TPROXY relay issue is not present.
In theory you can pass TPROXY details through two layers by using the "no-tproxy" option on the front layers cache_peer line, "follow_x_forwarded_for allow localhost" on the backend layer. It may also require tproxy http_port option on the backend layer to handle setup of the outgoing spoofing properly. Just theorizing here, if anyone wants to try it please inform us on how it goes :-) It will definitely fail unless both layers are on the same box, otherwise it should work.
Amos