Thanks for the reply!
I'm not sure I'm following. Are you suggesting to remove cache_peer in the child, use qos_flows to mark the cache miss traffic, and then configure routing policies to direct that to the parent squid?
Anything I could read to get more info about that approach?
On Thu, Dec 28, 2017 at 12:44 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
On 2017-12-28 07:53, Mauricio Garavaglia wrote:
Hello! I have a squid 3.5 caching HTTPS doing BumpSSL, everything
works ok butI need to add another one as a parent (bigger storage and
but different SLA...) of the first one, while still allowing it to go
direct if the parent is not available.
[Client]---->[Squid 1]----->[Squid 2]---->[Origin Server]
To proper cache both, I would need to bump, but that's not available
per
https://github.com/squid-cache/squid/blob/v3.5/src/FwdState. cc#L813
What would be the correct way to accomplish that? Tried making the
first one to just peek but I still want to allow to cache the
responses and not just bypass the connection.
The way to do this is to use MARK or TOS to label the child proxy outgoing traffic so routing can send it to the parent proxy where it gets re-bumped. Both proxies otherwise operate as stand-alone interceptors.
DO NOT use cache_peer originserver connections between them - while this can appear to work for some traffic it removes TLS properties needed by many modern clients.
Amos
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
