[squid-users] Need some advice on configuration

From: Jeremy Utley <jerutley@dont-contact.us>
Date: Thu, 26 Jan 2006 14:03:44 -0800

Greetings to the list!

I'm very new to Squid configuration, and have been trying to research
how to do this, but have ended up running in circles, so I'm coming to
the list with this - hopefully someone out there has done something
similar before, and can point me into the right direction, or perhaps
even share a configuration file they have used. I've been tasked by
my employer (a fairly good size web provider) with finding a way to
utilize Squid as a reverse caching proxy - but the setup will be
somewhat unique.

The idea is to have a set of servers running squid, sitting behind a
Foundry load balancer and communicating with each other via IPC,
acting as caches for multiple web servers. The "origin" web servers
(those actually running Apache httpd) may, or may not, be located on
the same network segment. The idea is, point the DNS for the site at
the loadbalancer, which will send to one of the proxies - if the
requested file is cached by any of the proxies, it will be delivered
from there, without a request to the true server. If not, the proxies
will use some form of lookup to determine the true source for that
particular address, get the file from there, and deliver it to the
requesting client.

Now, for some caveats. The Apache servers *may* be doing name-based
virtual hosting, so when a request is sent to them, they must know the
domain name being requested. The proxies must not allow arbitrary
requests to work thru them - they must only answer for the domains
they are configured to answer for, anything else should be denied.
Wildcard hosts must be supported (i.e. we need to be able to say that
the "true" server for *.foo.com is 12.34.56.78). We also must not
cripple DNS resolution for other programs running on the proxy
servers, which would seem to preclude the use of a private DNS server
to resolve the "true" addresses.

Is squid a good tool for this type of usage, or should I look
elsewhere? And if so, can anyone point me to a good sample config
file to look at and learn from?

Thanks in advance!

Jeremy Utley
Received on Thu Jan 26 2006 - 15:03:46 MST

This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST