
Re: Sibling cache with ssl peek/splice/bump?


 



On 05/15/2018 08:27 AM, Alex Crow wrote:

> Is it currently possible in v4 with bumping to have a cache_peer setup
> so that https:// resources can be fetched from a peer if they are
> available there?


If I am interpreting the "if available" part of your question correctly,
then what you want is unsupported in most SslBump environments because a
bumping Squid does not receive requests for HTTP resources and, hence,
cannot check whether a resource is available somewhere. Squid receives
requests for blind TCP tunnels.

Yes, SslBump converts blind TCP tunnels into HTTP transactions, but in
nearly all practical setups, that conversion happens _after_ the TCP
connection is established and pinned to the requested server. At the TCP
connection establishment time, the HTTP resource (to be requested inside
the tunnel) is still unknown.

FWIW, with an experimental patch, you can route TCP tunnels to peers:
https://github.com/squid-cache/squid/compare/53fdd3f...measurement-factory:7a4c4ed.patch


Squid could disregard connection pinning and request the HTTP resource
by establishing a new HTTPS connection (via a secure cache_peer if
necessary). I have not tested this, but I suspect that Squid does not do
that today: After bumping, you may get local cache hits, but no
HTTP-level peering.


HTH,

Alex.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users



