I had/have a similar situation. I've got a squid at the machine hub, and we never want it to go
direct, IF it's parent is alive.
If the parent dies/is-unreachable/goes-up-in-flames/is-flung-out-past-the-orbit-of-mars (by some
bizarre gravitic anomaly) we want to go direct _until_ it comes back up.
The best solution I could come up with was a periodic test. I test to see if we can talk to them
(every five minutes).
I maintain two configs (parent.conf and direct.conf). squid.conf is a link to whichever we are
using at the time.
(Additionally, if we are running direct, the file DIRECT exists in /squid/etc)
So:
If the parent is off AND the file 'DIRECT' does not exist:
remove the symbolic link. Point it to direct.conf. Create the file 'DIRECT' and then
squid -k reconfigure.
If the parent is on AND the file 'DIRECT' _does_ exist:
remove the symbolic link. Point it to parent.conf. Delete the file 'DIRECT' and then
squid -k reconfigure.
else
do nothing.
It sucks a bit, because of the latency (up to 5 minutes) until the cron-script notices that the
parent is down (or up) (plus another minute or so for the reconfigure, maybe).
I'd love a nicer solution to this..here's a daft idea:
cache_host none direct 0 0 default no-query ignore-firewall
Would it be so hard to munge this into the peer configging as 'direct, only if ICP fails' (of
course you might be doing single_parent_bypass, as we do..in which case a failed connect to the
parent should fall back to the direct approach)
D
James McOrmond wrote:
> essentially the story is this.
>
> I've got two gateway machines, one on each network connection (one slow, one fast).
>
> I want users connecting to the squid on the slow machine, to have everything forwarded
> to the faster squid, (other than specific local domains) if the faster connection is up.
>
> If I use the inside_firewall stuff, it never goes direct. If I don't, it queries the other
> squid, but goes direct if it's not there.
>
> I had "default" on the cache_host line, but that wouldn't go direct either.
>
> the faster squid, is always marked as parent in the cache_host line of the slower squid.
>
> I now have "closest-only" with all the icmp stuff turned on (both systems), but it's
> still not doing it.
>
> Both machines are running Squid 1.1.18. and are connected via ethernet, so that has to
> be the fastest route :-)
>
> any ideas?
>
> also, one minor thing. When requesting stuff from the slower squid (when I was using the
> firewall stuff), it would forward the request to the faster squid, and then the faster squid
> would do an extra query back to the slower one. Is there any way to avoid this extra query
> when it's going to the system that did the request?
>
> --
> James A. McOrmond - AmigaOS and Linux Admin.
> Jammys.Net Systems - Fidonet Gateway & UUCP feed provider, Ottawa, ON
> UUCP/FidoNet Feeds: http://www.jammys.net/system/feeds.html
> Health Information: http://www2.jammys.net/health/
-- Note to evil sorcerers and mad scientists: don't ever, ever summon powerful demons or rip holes in the fabric of space and time. It's never a good idea. ICQ UIN: 3225440Received on Fri Nov 14 1997 - 23:11:53 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:37:38 MST