On 2017-12-28 07:53, Mauricio Garavaglia wrote:
Hello! I have a squid 3.5 caching HTTPS doing BumpSSL, everything works ok butI need to add another one as a parent (bigger storage and but different SLA...) of the first one, while still allowing it to go direct if the parent is not available. [Client]---->[Squid 1]----->[Squid 2]---->[Origin Server] To proper cache both, I would need to bump, but that's not available per https://github.com/squid-cache/squid/blob/v3.5/src/FwdState.cc#L813 What would be the correct way to accomplish that? Tried making the first one to just peek but I still want to allow to cache the responses and not just bypass the connection.
The way to do this is to use MARK or TOS to label the child proxy outgoing traffic so routing can send it to the parent proxy where it gets re-bumped. Both proxies otherwise operate as stand-alone interceptors.
DO NOT use cache_peer originserver connections between them - while this can appear to work for some traffic it removes TLS properties needed by many modern clients.
Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
