Re: [squid-users] Cache LAN and VLAN webservers

Hi All,

I'd like to thank everyone for their help! I've got it working by
downgrading from unstable release to going back to stable. I don't know
why this was the case but this solved it. I'm using debian so I changed
the source list from unstable (I was using it to get the latest
subversion) back to stable. Removed the old packages, cleaned up the apt
source list and got squid from stable source list. It's working! Exact
same configuration. Don't know why it didn't work earlier... maybe a
bug. I'm not sure but thanks everyone who contributed.

Kind Regards,
Anwar

> Dear Anwar,
>
>
> On Mon, 24 Oct 2005 Anwar Ahmad wrote :
> >I've tried doing a host command namely "host intranet" and I get a
> correct response. I even tried installing lynx on it and broswing my
> intranet server and it works. However squid it self cannot seem to
> cache these servers.
> >
> >I read that squid has some sort of dns client of some sort; is there
> some configuration wrong there?
> >
> >I know that my DNS server works since we can access the intranet
> server directly without any problems... This only happens when I
> configure the proxy. I'm thinking it might be a configuration thing.
> >
> >Lazuardi Nasution wrote:
> >
> >>I think there is DNS problem on your internal network.
> >>-----Original Message-----
> >> From: Anwar Ahmad [mailto:anwar.ahmad@net-linx.com] Sent: Monday,
> October 24, 2005 2:57 PM
> >>To: squidusers
> >>Subject: [squid-users] Cache LAN and VLAN webservers
> >>
> >>Hi All,
> >>
> >>I was wondering whether it is possible to cache local LAN & DMZ
> servers...
> >>and have them accessible to VLAN computers.
> >>
> >>Basically I my LAN is 192.168.12.0 and the squidbox has an IP from this
> >>subnet. Basically I want to cache our webserver thats on the LAN (same
> >>subnet) and DMZ (192.168.5.0). This will then be used by those who are
> >>connected to our VLAN on the 172.21.100.0 subnet.
> >>
> >>Currently squid can't cache servers. When I set my browser to
> >>192.168.128.5 (our intranet server) I get an error It can't locate the
> >>server. It seems to only cache external web (internet). I've read
> how you're
> >>supposed to set direct_access for local server but lets say I want
> to cache
> >>local servers. How do I do this. I pasted my squid.conf below. I haven't
> >>really changed much as I'm not too sure about which line needs to be
> >>changed.
> >>
> >>Any help is greatly appreciated.
> >>
> >>Thanks!
> >>-------
> >>#squid.conf
> >>http_port 3128
> >>cache_dir ufs /u01/squid 8000 16 256
> >>cache_effective_group proxy
> >>cache_effective_group proxy
> >>acl our_networks src 192.168.12.0/24
> >>http_access allow our_networks
> >>ftp_user squid@net-linx.com
> >>cache_access_log none
> >>cache_store_log none
> >>hierarchy_stoplist cgi-bin ?
> >>acl QUERY urlpath_regex cgi-bin \?
> >>no_cache deny QUERY
> >>cache_access_log /var/log/squid/access.log cache_log
> >>/var/log/squid/cache.log hosts_file /etc/hosts
> >>refresh_pattern ^ftp: 1440 20% 10080
> >>refresh_pattern ^gopher: 1440 0% 1440
> >>refresh_pattern . 0 20% 4320
> >>acl all src 0.0.0.0/0.0.0.0
> >>acl manager proto cache_object
> >>acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst
> 127.0.0.0/8
> >>acl purge method PURGE acl CONNECT method CONNECT http_access allow
> manager
> >>localhost http_access deny manager http_access allow purge localhost
> >>http_access deny purge http_access deny !Safe_ports http_access deny
> CONNECT
> >>!SSL_ports http_access allow localhost http_reply_access allow all
> >>icp_access allow all cache_mgr anwar.ahmad@net-linx.com
> httpd_accel_port 80
> >>coredump_dir /var/spool/squid
> >>
> >>
>
> One solution I can think of and using practically is ,configure your
> squid server as local DNS server which will have all the entries for
> your local requirement and then use "forwarders" parameter to point to
> outer DNS(ISP's).
>
> Then Point all your client to use your local DNS and hence all the
> local requests will be served by that local DNS and in case of other
> requests will be forwarded to outer DNS.
>
> hope this helps.
>
> regards,
>
>
> Bimal Pandit
>
>
>
>
> <http://adworks.rediff.com/cgi-bin/AdWorks/sigclick.cgi/www.rediff.com/signature-home.htm/1507191490@Middle5?PARTNER=3>
Received on Tue Oct 25 2005 - 03:37:41 MDT