Re: [squid-users] Squid3: vhost reverse proxy/accel bw extender

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 7 Aug 2003 19:07:30 +0200

On Thursday 07 August 2003 16.42, Jim Flowers wrote:

> http_port ifc1.ip:80 ; listen for queries on outside interface

You want some options there to enable accelerator mode... I would
suggest

http_port ip:80 accel vhost defaultsite=www.yourmaindomain.com

If you do not want to support Host: based virtual domains then remove
the vhost option. (note: the accel directive is automatically enabled
if vhost or defaultsite is used).

> https_port ifc1.ip:443 cert=path-to-server.crt
> key=path-to-server.key defaultsite=www.accelhost.tld protocol=http
> ; listen for ssl queries on outside interface
>
> # define origin servers
> #----------------------
> cache_peer origin-host1-ip parent 80 0 no-query originserver
> name=www.originhost1domain.tld ; virtual name-based host
>
> cache_peer origin-host1-ip parent 80 0 no-query originserver
> name=www.originhost2domain.tld ; virtual name-based host
> # possibly use forceddomain=wwwvh.originhost2domain.tld?

Don't use the forceddomain directive unless you absolutely need to.
This option is not for virtual hosting, but for forwarding traffic to
servers who really insist that they are called by a specific name
different from what you want to present on the Internet.

> And, how I think it works:
>
> 1. Queries arrive at accel due to dns or dns-round-robin,
>
> www.originhost1domain.tld IN A ifc1.ip

Yes.

> 2. Squid maps www.originhost1domain.tld to origin-host1-ip and
> forwards query to origin-host1-ip with Host Header set to
> www.originhost1domain.tld

Squid selects a cache_peer to forward the request to. Which peer it
selects is based on cache_peer_access (default any configured peer).

If you want different domains to be forwarded to different servers
then set this up with cache_peer_access by only allowing the domains
which should be forwarded to each server.

> The originserver will then respond if:
> a. It is a physical server located at origin-host1-ip
> b. It is an ip-based virtual host with origin-host1-ip
> c. It is a name-based virtual host with name
> www.originhost1domain.tld located at origin-host1-ip
>
> Presumably the forceddomain option to cache_peer could be used to
> map from www.originhost1domain.tld to wwwvh.originhost1domain.tld,
> if required.

Only if the origin server supports a single domain only, and must be
called by this domain.

If you need a more generic mapping then a redirector can be used to
rewrite the domain names.

It is strongly recommended that no rewrites of domain names are used
however. Things work a whole lot better if the origin servers know
and operate by the domain the user requested. If not you will have a
whole bunch of issues where the origin server tries to send the user
to the domain name the origin server thinks is its name, which then
may not work that well if the user expected something else...

Regards
Henrik

-- 
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org
If you need commercial Squid support or cost effective Squid or
firewall appliances please refer to MARA Systems AB, Sweden
http://www.marasystems.com/, info@marasystems.com
Received on Thu Aug 07 2003 - 11:08:22 MDT
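
An added example, not part of the message above or of Squid itself: a small audit of a squid.conf that reports which domains each originserver peer may receive, and flags peers that no cache_peer_access line restricts (the "default any configured peer" case from the reply). The peer names, ACL names and 192.0.2.x addresses are constructed placeholders, and only dstdomain ACLs are resolved.

```python
# Added example (not from the original message). Peer names, ACL names and
# the 192.0.2.x addresses are constructed placeholders.
AS_POSTED = """\
http_port 192.0.2.1:80 accel vhost defaultsite=www.originhost1domain.tld
cache_peer 192.0.2.11 parent 80 0 no-query originserver name=origin1
cache_peer 192.0.2.12 parent 80 0 no-query originserver name=origin2
"""

# Same peers, each limited to its own domain via cache_peer_access.
# Assumption: an 'all' ACL exists (built in on current Squid releases).
RESTRICTED = AS_POSTED + """\
acl dom1 dstdomain www.originhost1domain.tld
acl dom2 dstdomain www.originhost2domain.tld
cache_peer_access origin1 allow dom1
cache_peer_access origin1 deny all
cache_peer_access origin2 allow dom2
cache_peer_access origin2 deny all
"""

def peer_domains(conf):
    """Map each originserver peer to the dstdomain values it is allowed.

    None means no cache_peer_access line names the peer, so it is a
    candidate for every request. Simplification: only dstdomain ACLs on
    'allow' lines are resolved; other ACL types are ignored.
    """
    acls, peers, allowed = {}, [], {}
    for raw in conf.splitlines():
        tok = raw.split("#", 1)[0].split()   # drop comments, tokenize
        if len(tok) < 3:
            continue
        if tok[0] == "acl" and tok[2] == "dstdomain":
            acls.setdefault(tok[1], []).extend(tok[3:])
        elif tok[0] == "cache_peer" and "originserver" in tok:
            # cache_peer_access refers to the peer by name= when present
            name = next((t[5:] for t in tok if t.startswith("name=")), tok[1])
            peers.append(name)
        elif tok[0] == "cache_peer_access":
            doms = allowed.setdefault(tok[1], [])
            if tok[2] == "allow":
                for acl in tok[3:]:
                    doms.extend(acls.get(acl, []))
    return {p: allowed.get(p) for p in peers}

def unrestricted(conf):
    """Peers that any requested domain could be forwarded to."""
    return sorted(p for p, d in peer_domains(conf).items() if d is None)
```

Calling `unrestricted()` on a configuration and treating a non-empty result as a finding catches the case where a request for one hosted domain can reach another domain's origin server.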
