Re: [SQU] Squid On Speed?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 26 Dec 2000 15:14:05 +0100

David Hubner wrote:

> With the gateway machine running squid, i have the options
>
> http_port 80 8080
> httpd_accel_host www.st-lukes.local
> httpd_accel_port 8000
> httpd_accel_with_proxy on
>
> now the problem is that the host outside the gateway can see the web
> page and the people inside get an access denied???

More likely your users on the inside are trying to readh
www.st-lukes.portsmouth.sch.uk using the same Squid as is the
accelerator. Squid is not smart enought that it is in fact accelerating
www.st-lukes.portsmouth.sch.uk, and instead tries to proxy it, ending up
contactin itself. This triggers the loop detection which denies the
request from the simple fact that it is looping back on itself.

How you can set up Squid to not have this problem when used both as a
proxy and accelerator, and your local users needs to use the
proxy/accelerator to reach the accelerated server:

1. Compile squid with --disable-internal-dns
2. Configure your OS to first look in /etc/hosts, then DNS
3. Add www.st-lukes.portsmouth.sch.uk to you /etc/hosts table with the
IP of the real server
4. Configure Squid with
    httpd_accel_host www.st-lukes.portsmouth.sch.uk
    ....

--
Henrik Nordstrom
Squid hacker
--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Tue Dec 26 2000 - 13:14:18 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:07 MST