Re: [MEL-NAP] Putting AUIX local domains into squid

From: Daniel O'Callaghan <danny@dont-contact.us>
Date: Wed, 2 Apr 1997 08:32:51 +1000 (EST)

On Tue, 1 Apr 1997, Duane Wessels wrote:

> danny@hilink.com.au writes:
>
> >
> >The only catch is that 'route' is suid root so that it can read the kernel
> >routing tables, and thus a separate squid-routed would be needed to
> >interrogate the tables on squid's behalf.
> >
> >Thoughts?
>
> Wow, I fall asleep and miss a whole thread overnight....
>
> I am very interested in getting Squid to look at IP routing for
> request forwarding. Of course some people call that a serious
> layer violation...
>
> Peeking at the kernel routing table may be a good place to start,
> but I don't know that it will be powerful enough. It may only
> work for caches directly connected to border routers.
>
> I think AS numbers is the right way to go in the long run. My dream is
> that there is at least one cache running in each AS. Given the IP
> address of an origin server, we can somehow query a router or a gated
> process and receive the AS path to that server, or at least the next-AS
> in the path. Then we forward the request to the cache running in the
> next AS.
>
> I would really like to have an interface between gated and Squid.
> Perhaps such a thing would not be too difficult. I need to spend
> some quality time educating myself more on IP routing things.

An interface between gated and squid would be interesting. Another
possibility raised is the use of snmpwalk piped to perl to read the tables
of the border router and put them into a localnets config file. This has
some merit, in that gated needed run on the squidhost, and the ASN tags
can also be read. Reading the kernel routing table won't give you
ASNs.

It is hard to know which way to jump. The squid-routed would work
for me, because I run gated on my squid-host so that it knows my local
networks. But I don't have an ASN and I don't run BGP; I run OSPF
internally.

If I were to use a parent squid, I would have to know all local domains,
and constantly update squid's conf. For this reason, I don't use a
parent. Because I co-locate with another ISP (I guess you could call it
peering without BGP) I don't necessarily know all of their IP addresses or
domains. Being able to simply query the routing table would be good.

Also, squid needn't be directly connected to a border router to use this
method, as even RIP from the border router to the squid host's net would
allow routed (blech!) to configure the squid host's routing table.

Danny
Received on Tue Jul 29 2003 - 13:15:40 MDT
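
The snmpwalk-to-config idea from the message above, as an added example that is not part of the original post or of Squid: it pairs ipRouteDest and ipRouteMask rows from a border router's route table and emits ACL lines, rejecting the default route and malformed masks so that bad SNMP data cannot mark every destination as local. The sample walk output is constructed, and the `acl ... dst` output format and the `localnets` ACL name are assumptions.

```python
import ipaddress
import re

# Constructed sample of `snmpwalk -On` output for ipRouteTable (not real router data).
# Column 1 = ipRouteDest, column 11 = ipRouteMask.
SAMPLE = """\
.1.3.6.1.2.1.4.21.1.1.0.0.0.0 = IpAddress: 0.0.0.0
.1.3.6.1.2.1.4.21.1.1.192.0.2.0 = IpAddress: 192.0.2.0
.1.3.6.1.2.1.4.21.1.1.198.51.100.0 = IpAddress: 198.51.100.0
.1.3.6.1.2.1.4.21.1.1.203.0.113.64 = IpAddress: 203.0.113.64
.1.3.6.1.2.1.4.21.1.11.0.0.0.0 = IpAddress: 0.0.0.0
.1.3.6.1.2.1.4.21.1.11.192.0.2.0 = IpAddress: 255.255.255.0
.1.3.6.1.2.1.4.21.1.11.198.51.100.0 = IpAddress: 255.0.255.0
.1.3.6.1.2.1.4.21.1.11.203.0.113.64 = IpAddress: 255.255.255.192
"""

ROW = re.compile(r"^\.1\.3\.6\.1\.2\.1\.4\.21\.1\.(\d+)\.(\d+(?:\.\d+){3}) = IpAddress: (\S+)$")

def parse_routes(text):
    """Return (networks, rejected) from snmpwalk -On lines."""
    dest, mask = {}, {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # ignore anything that is not a route-table row
        col, index, value = m.groups()
        if col == "1":
            dest[index] = value
        elif col == "11":
            mask[index] = value
    networks, rejected = [], []
    for index, d in dest.items():
        try:
            bits = int(ipaddress.IPv4Address(mask[index]))
            host = bits ^ 0xFFFFFFFF
            if host & (host + 1):      # mask bits are not contiguous
                raise ValueError("non-contiguous mask")
            net = ipaddress.ip_network(f"{d}/{32 - host.bit_length()}", strict=True)
            if net.prefixlen == 0:     # default route would make everything "local"
                raise ValueError("default route")
            networks.append(net)
        except (KeyError, ValueError) as exc:
            rejected.append((index, str(exc)))
    return sorted(networks), rejected

def squid_acl(networks, name="localnets"):
    """Render one ACL line per network (ACL name is hypothetical)."""
    return "\n".join(f"acl {name} dst {n}" for n in networks)
```
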
