Below is the right config that I updated in my squid.conf file
acl user1 note user username1
cache_peer Peer1 parent 3218 0 no-query connect-fail-limit=1 name=Peer1
cache_peer_access Peer1 allow user1
cache_peer_access Peer1 deny all
On Mon, Jul 6, 2020 at 9:28 PM Prem Chand <premchand142@xxxxxxxxx> wrote:
Hi Amos,On further digging I understood that acl route via cache_peer_access (cache_peer_access Peer1 allow user1) is not working hence requests are failing. I'm not sure the exact reason. Can you please suggest how to fix this?acl user1 note user username1cache_peer Peer1 parent 3218 0 round-robin no-query weight=1 connect-fail-limit=1 name=Peer1cache_peer_access Peer1 allow user1cache_peer_access deny allOn Mon, Jul 6, 2020 at 4:00 PM Prem Chand <premchand142@xxxxxxxxx> wrote:Hi Amos,I tried the configuration that you suggested but I'm getting below error. It seems the requests are not getting forward to cache_peer. I'm unable to figure out what is the cause of the issue. If I revert it to my previous configuration I'm not seeing any issue with cache_peer's.** Establish HTTP proxy tunnel to www.google.com:443
* Proxy auth using Basic with user 'username1'
> CONNECT www.google.com:443 HTTP/1.1
> Host: www.google.com:443
> Proxy-Authorization: Basic bGluZTE6dGVzdGluZw==
> User-Agent: curl/7.58.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 503 Service Unavailable
< Server: squid/3.5.27
< Mime-Version: 1.0
< Date: Mon, 06 Jul 2020 10:24:28 GMT
< Content-Type: text/html;charset=utf-8
< Content-Length: 3905
< X-Squid-Error: ERR_CANNOT_FORWARD 0
< Vary: Accept-Language
< Content-Language: en
<
* Received HTTP code 503 from proxy after CONNECT
* CONNECT phase completed!
* Closing connection 0
curl: (56) Received HTTP code 503 from proxy after CONNECTOn Thu, Jul 2, 2020 at 6:29 PM Prem Chand <premchand142@xxxxxxxxx> wrote:Hi Amos,Thanks for the response.However, what do you want to happen when that user's dedicated peer is unavailable?Can it be routed to another peer if a dedicated peer is unavailable? because each peer is accessed by a different username and password. If there is an option to route then I will keep a backup peer(Peer4) so if any one of the peers(Peer1,Peer2,Peer3) is unavailable it can route to the backup peer and once the unavailable peer become available then traffic should auto route to them from backup peer.If there is no option that fits as I explained above then I want to stop all access for them.Are you wanting to keep this behaviour?I don't want to use the round-robin behaviour. I want to route requests to dedicated Peer/Client.On Thu, Jul 2, 2020 at 3:19 PM Prem Chand <premchand142@xxxxxxxxx> wrote:Hi,I need to redirect my clients requests to different Cache_peers using username and passwords through my proxy. Below is the rough sketch. Can someone suggest to me how I can achieve this?
Client1(Username1:password1) ->Proxy:443 -> Cache_peer:3218
Client 2(Username2:password2)->Proxy:443-> Cache_peer:3219....This is my current configuration, I'm doing round robin through cache_peers when authenticated with a single username and password in /etc/squid/squidpasswdfile fileauth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/squidpasswdfile
auth_param basic realm proxy
acl auth_users proxy_auth REQUIRED
http_access allow auth_users
http_access deny all
cache_peer Peer1 parent 3218 0 round-robin no-query weight=1 connect-fail-limit=1
cache_peer Peer2 parent 3219 0 round-robin no-query weight=1 connect-fail-limit=1
cache_peer Peer3 parent 3219 0 round-robin no-query weight=1 connect-fail-limit=1Thanks & RegardsPremchand.
--prem
--prem
--prem
--
prem
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
