Re: [squid-users] Squid3: vhost reverse proxy/accel bw extender

From: Jim Flowers <jflowers@dont-contact.us>
Date: Fri, 8 Aug 2003 05:41:09 -0500

Henrik,

Thanks very much for your clear explanation and illuminating example.

My problem has been understanding the terminology and particularly the
term 'virtual host'. I now think that in Squidish, 'virtual host' refers to
a single ip address which can respond to queries with the appropriate pages
for multiple 'domains'. Domains in this sense being the FQDN (e.g.
www.example.com.

In the cache_peer directive option name=vhost1, 'vhost1' is just an
identifier used by cache_peer_access to obtain the originserver ip address.

For name-based virtual hosting, the domains (FQDN) provided by the
accelerator to the originserver are the same as those used in the query from
the browser to the accelerator.

Now to learn about redirectors. I understand your caution about the
originserver providing redirection to the browser, however, as this usage is
limited to demonstration of bandwidth extension and both the originserver and
accelerator are available to the browser it should work ok -- I think.

So, I use a redirect program to rewrite the original query from
http://www.domain2.com.domain1.com to http://www.domain2.com, apply
http_access and cache_peer_access directives correctly and use an acl with
www.domain2.com.domain1.com in it with redirector_access directive to limit
the use of the redirect program.

I think?

--
Jim Flowers<jflowers@ezo.net>
---------- Original Message -----------
From: Henrik Nordstrom <hno@squid-cache.org>
---
> It is all automatic unless you rewrite the host component of the 
> request via a redirector or forcing the domain in cache_peer...
> 
> Which domains to send to which origin server is controlled by 
> cache_peer_access.
> 
> A small example of a Squid-3 accelerator setup with one virtual host 
> based port 80, forwarding 4 domains to 2 different servers (2 
> domains per server) with a default domain for old clients not 
> supporting the host header.
> 
> http_port 80 accel vhost defaultsite=www.example.com
> 
> cache_peer 192.0.2.54 parent 80 0 no-query originserver name=vhost1
> acl vhosts1_domains dstdomain www.example.com partners.example.com
> cache_peer_access vhost1 allow vhost1_domains
> http_access allow vhost1_domains
> 
> cache_peer 192.0.2.60 parent 80 0 no-query originserver name=vhost2
> acl vhosts2_domains dstdomain bugs.example.com support.example.com
> cache_peer_access vhost2 allow vhost2_domains
> http_access allow vhost2_domains
> 
> If the domains to pass to the origin web servers is different from 
> what the end-user requests in his web browser then the preferred 
> solution is to fix the origin servers to accept the official domains 
> requested by the end user. Alternatively you can use a redirector to 
> rewrite the URL while it is forwarded by Squid but this approach 
> will give you problems with most applications where the origin 
> server will sometimes try to redirect or send the end-user to the 
> domain the origin server thinks is the correct domain name for the server..
> 
> If you use the redirectror approach then the domains to use in 
> http_access will be the external domains, while cache_peer_access 
> uses the internal domains (after redirector rewriting of the URL).
> 
> Regards
> Henrik
Received on Fri Aug 08 2003 - 04:41:13 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:47 MST