Re: [squid-users] Transparent squid ignores client-side /etc/hosts

From: Alex Vorona <voron@dont-contact.us>
Date: Tue, 13 Nov 2007 07:53:31 +0200

Henrik Nordstrom wrote:
> I guess that can be tweaked to fall back on the client provided IP if
> that IP is not in the set of IPs returned by DNS, but cache would still
> be a bit of an issue.
>
So, the point of resolving the domain to IP(s) is only to know what to do
with the cache.
> Another path would be to add another http_port flag making intercepted
> requests on that http_port always use the original destination IP and
> include that in the cache key. This smells more secure, but will not be
> very good for the cache..
>
>
Why is it not good for the cache - because in most cases the original
destination IP will be in the set of IPs returned by DNS and will just
slow down the cache with the biggest key? There is no way to distinguish
how the client obtained the IP address - from the hosts file or from DNS.
What if the client forces in hosts only one IP (in the set of IPs returned
by DNS) for a multi-IP site - squid can't ensure that all requests will be
done to that IP or cached from that IP. Then each multi-IP and cacheable
site will have copies in the cache by IP count.
The problem is not as simple as I thought before :)

Regards,
Alex
Received on Mon Nov 12 2007 - 22:53:42 MST
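
The cache-key trade-off discussed in this message, as an added example that is not part of the original post and is not Squid code: a small Python model of three ways an intercepting proxy could key its cache. The policy names, host name, addresses and request list are constructed for illustration.

```python
# Constructed sample data: DNS answer for a multi-IP site (documentation addresses).
DNS = {"www.example.com": {"192.0.2.10", "192.0.2.11", "192.0.2.12"}}

# Constructed intercepted requests: (Host header, path, original destination IP).
# The first client has a hosts-file entry pointing outside the DNS answer.
REQUESTS = [
    ("www.example.com", "/", "198.51.100.7"),
    ("www.example.com", "/", "192.0.2.10"),
    ("www.example.com", "/", "192.0.2.11"),
    ("www.example.com", "/", "192.0.2.12"),
    ("www.example.com", "/", "192.0.2.10"),
    ("www.example.com", "/", "192.0.2.11"),
]

def cache_key(policy, host, path, dst_ip):
    """Return the cache key for a request, or None for 'forward but do not cache'."""
    if policy == "host-only":    # key ignores where the client actually connected
        return (host, path)
    if policy == "dst-in-key":   # original destination IP becomes part of the key
        return (host, path, dst_ip)
    if policy == "verify-dst":   # share the cache only when DNS agrees with dst_ip
        return (host, path) if dst_ip in DNS.get(host, set()) else None
    raise ValueError(f"unknown policy: {policy}")

def simulate(policy, requests):
    """Replay requests; return (hit count, {cache key: origin IP that filled it})."""
    cache, hits = {}, 0
    for host, path, dst_ip in requests:
        key = cache_key(policy, host, path, dst_ip)
        if key is None:
            continue             # fetched from dst_ip for this client only
        if key in cache:
            hits += 1            # served from cache, whatever IP the client chose
        else:
            cache[key] = dst_ip  # miss: fetch from dst_ip and store
    return hits, cache

if __name__ == "__main__":
    for policy in ("host-only", "dst-in-key", "verify-dst"):
        hits, cache = simulate(policy, REQUESTS)
        origins = sorted(set(cache.values()))
        print(f"{policy:11} hits={hits} stored={len(cache)} filled_from={origins}")
```

With "host-only" the single shared object is filled from the address only one client chose; with "dst-in-key" the site is stored once per IP; with "verify-dst" a client pinned to 192.0.2.11 is still answered from the copy fetched from 192.0.2.10.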

This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST