Re: AW: Squid as reverse proxy

It is required for proper operation of "httpd_accel_host virtual".

If you are not using the redirector, then you must be using host based
acceleration (httpd_accel_uses_host_header on). In such case, make sure
to set httpd_accel_host to you main server name, not "virtual". Also,
only a single IP is required on the accelerator. Having multiple IP's
won't make a difference then.

The drawback is that if someone using a old client which is not sending
a Host header, then they will not be able to reach other domains than
the main domain listed in httpd_accel_host.

/Henrik

Christoph Stotz wrote:
>
> Hello !
>
> It seems to be working. But only _without_ the redirector
> script.
>
> I have in my /etc/hosts:
>
> <ip of internal webserver> <fqdn for internet reachability>
>
> In squid.conf I have (among other stuff)
>
> acl accelerated_servers dst 192.168.1.85 192.168.1.86 192.168.1.87
> httpd_accel_host virtual
>
> When I open one of the external IP´s , my request goest to the Squid
> which then get´s the correct page from the correct internal webserver.
>
> What is the redirector program then for ?
>
> Kind Regards
>
> Christoph
> Squid-Rookie
>
> -----Original Message-----
> From: Henrik Nordstrom [mailto:hno@hem.passagen.se]
> Sent: Freitag, 4. August 2000 07:47
> To: Christoph Stotz
> Cc: squid-users@ircache.net
> Subject: Re: AW: Squid as reverse proxy
>
> Yes.
>
> One correction/clarification: The x.x.x.x and y.y.y.y addresses in the
> redirector is the Internet addresses assigned to the Squid proxy, not to
> be confused with the backend addresses used in /etc/hosts...
>
> Now you may ask why I redirect to domain names and not the backend
> server IP addresses?
>
> a) To make sure the server will receive it's real name. This is used in
> redirects, CGI programs and other functions generating full URL's on the
> server. As a consequence you should also make sure the HTTP server knows
> it's real name if there is such a configuration setting (i.e. ServerName
> in Apache config).
>
> b) It allows the same setup to transition to also support virtual
> domains (Host header based). Simply enable httpd_accel_uses_host_header,
> and list all the domains hosted by each backend IP as aliases to that IP
> in /etc/hosts.
>
> --
> Henrik Nordstrom
> Squid hacker
>
> Christoph Stotz wrote:
> >
> > Hello !
> >
> > As far as I understand, solution b) matches exactly my request
> > I sent to the list on 02.08.00 titled "Accelerating Multiple
> > Servers located on different Machine" (see below)
> >
> > Is this correct ?
> >
> > <---cut here---><---cut here---><---cut here---><---cut here--->
> > Hello !
> >
> > I had a closer look to the FAQ and message archives before decinding to
> post
> > my question, but I didn´t find any answer to my problem:
> >
> > I have a Linux Box with Squid 2 (Stable 5) up and running. The machine has
> > two
> > NIC´s, one on the inner network (some people call that Intranet) and the
> > other
> > interface on the external network (which is the internet). The machine has
> > many
> > IP-Addresses on the outside interface and one single on the inside
> > interface.
> >
> > What I would like to configure is that I place many Web-Servers on my
> inner
> > network (on one or more machines which is not the Squid-Box itself) and to
> > be able to do http://<first_outside_ip> and to get the accelerated version
> > of my first webserver on the inner network. Then to do
> > http://<second_outside_ip>
> > and to get the next web server.
> >
> > I can immagine that this may be done by running more than one
> Squid-Instance
> > -
> > however I would like to do it with only one instance.
> >
> > Is that possible ?
> >
> > Many thanx for your help - and please don´t blame me if this is a old
> > question.
> > I really tried to find an answer to this.
> >
> > Kind Regards
> >
> > Christoph Stotz
> > <---cut here---><---cut here---><---cut here---><---cut here--->
> >
> > > -----Ursprüngliche Nachricht-----
> > > Von: Henrik Nordstrom [mailto:hno@hem.passagen.se]
> > > Gesendet am: Donnerstag, 3. August 2000 18:33
> > > An: satinder chadha
> > > Cc: squid-users@ircache.net
> > > Betreff: Re: Squid as reverse proxy
> > >
> > > How do you want Squid to differentiate between the different servers?
> > >
> > > a) By the Host header
> > >
> > > b) By unique Internet IP addresses
> > >
> > > c) Different potions of the URL "file" space
> > >
> > >
> > > ---- Alternative A ----
> > >
> > > Suqid.conf:
> > >
> > > httpd_accel_host your.primary.domain
> > > httpd_accel_uses_host_header on
> > > acl accelerated_servers dst y.y.y.y z.z.z.z
> > > http_access allow accelerated_servers
> > >
> > > /etc/hosts:
> > >
> > > y.y.y.y domain.of.server.1
> > > z.z.z.z domain.of.server.2
> > >
> > > Squid build options:
> > >
> > > ./configure --disable-internal-dns ....
> > >
> > >
> > > --- Alternative B ----
> > >
> > > Squid.conf:
> > >
> > > httpd_accel_host virtual
> > >
> > > /etc/hosts:
> > >
> > > as above
> > >
> > > Squid build options:
> > >
> > > as above
> > >
> > > Squid machine setup:
> > >
> > > 1 virtual IP address for each server, and this IP is officially
> > > registered on the domain name.
> > >
> > > Redirector program:
> > >
> > > #!/usr/bin/perl -p
> > > s%http://y.y.y.y\b%http://domain.of.server1% && next;
> > > s%http://z.z.z.z\b%http://domain.of.server2% && next;
> > >
> > >
> > > --- alternative C ---
> > >
> > > Use a more advanced redirector. No example given here.
> > >
> > > /Henrik
> > >
> > >
> > >
> > > satinder chadha wrote:
> > > >
> > > > Hi Henrik ,
> > > >
> > > > I am facing a problem in configuring squid as reverse proxy
> > > . I want one
> > > > single squid to act as a revrese proxy for multiple web
> > > servers on different
> > > > machines . Can you tell me how can I setup my squid to act as both
> > > > accelerator and redirector along with the redirecting
> > > script required on
> > > > perl .
> > > >
> > > > teh scenario is
> > > > My squid has IP x.x.x.x and the webservers have ip of
> > > y.y.y.y , z.z.z.z .
> > > > Can you suggest me the squid.config file and the redirector script .
> > > >
> > > > Regards
> > > > Satinder
> > > >
> > > ______________________________________________________________
> > > __________
> > > > Get Your Private, Free E-mail from MSN Hotmail at
> > http://www.hotmail.com
Received on Mon Aug 07 2000 - 13:50:06 MDT