Hi all,
the new internal DNS code in squid-2.3.STABLE1 (Solaris 2.7) broke my
http_accel with virtual hosts configuration in such a way, that Squid
doesn't honour /etc/nsswitch.conf. Thus, any necessary tricks for
accelerated virtual hosts within protected IP address ranges don't work
anymore.
If, for example, my www.host-to-be-accelerated.com had the public IP
address 200.200.200.1 (which is in fact the FQDN of a load balancing
engine) and behind that load balancing engine were a lot of hosts having
their HTTPD's and their Squids "in front of them", and all of these hosts
had addresses like 192.168.1.x, redirecting would only work if Squid uses
the resolver library of my OS. I would have to give
www.host-to-be-accelerated.com a new IP address (192.168.1.100) in the
/etc/hosts file of each host. Now this is broken with squid-2.3.STABLE1.
I _have_ to use "http_accel_host virtual" in squid.conf.
This is the configuration that worked with squid-2.2.STABLE4:
# --- /etc/nsswitch.conf: ---
hosts: files dns
# --- /etc/nscd.conf: ---
enable-cache hosts no
# --- /etc/resolv.conf: ---
nameserver 192.168.255.250
# --- /etc/hosts: ---
192.168.1.100 www.host-to-be-accelerated.com
# --- /usr/local/squid/etc/squid.conf: ---
# (incomplete)
http_port 192.168.255.1:80
tcp_outgoing_address 192.168.255.1
dns_children 15
redirect_program /usr/local/squid/bin/jesred
redirect_children 30
redirect_rewrites_host_header on
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy off
httpd_accel_uses_host_header on
Switching back to external dnshelpers was the only way to make use of
/etc/hosts again. It would be very helpful to have a configuration option
like this:
dns_resorder files nis dns
... or something like that!
Thanks for reading,
Eelco
-- /* Eelco M. Glasl <emglasl@gmx.net> * ICQ#: 52029132 */Received on Thu Feb 17 2000 - 12:35:40 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:51:19 MST