Hi,
This problem has bothered me for a short time. I've read the FAQs
2x over and searched Google for some answers but haven't come across one
yet. We have a proxy pool of 3 servers, all configured to be siblings
with each other, with 1 additional proxy that has the above 3 as
parents. It uses CARP to divide the load among the boxes.
Recently, we tried to analyze a problem of proxy latency. Surfing
the net on the box was significantly faster, whereas a client accessing
the proxy (inspite of being "netographically" close -- same switch) was
rather slow. We tried pulling one proxy box from the siblings to act as
a stand-alone proxy to isolate the problem.
In doing so, we commented out all traces of cache_peers pointing to
the stand-alone proxy and restarted all daemons. The config file on the
stand-alone proxy removed all traces of cache_peers as well, and its
ACLs were loosened up.
However, when clients try to use the stand-alone proxy, they
receive a page informing them about "Forwarding Denied. This cache will
not forward your request because it is trying to enforce a sibling
relationship. Perhaps the client at 10.2.53.1 is a cache which has been
misconfigured." We have an ACL that allows any host from 10.0.0.0/8 to
access the proxy. Correspondingly, this is the entry in the log:
1029903983.167 2 10.2.53.1 TCP_MISS/403 1057 GET
http://www.versiontracker.com/ - NONE/- -
Am I missing something, or is it just some weird/crazy problem with
the ACLs?
Sorry if this question has been addressed in the FAQ or previous
messages here -- I must've overlooked it.
--------------------------------------
Gino LV. Ledesma
Ateneo Campus Network Group
Ateneo de Manila University
Quezon City, Philippines
Received on Tue Aug 20 2002 - 22:39:41 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:09:45 MST