Re: [squid-users] Re: Proxy parent failover

From: Josh <mylist13@dont-contact.us>
Date: Wed, 13 Feb 2008 10:20:32 +0800

On Feb 12, 2008 7:21 PM, Amos Jeffries <squid3@treenet.co.nz> wrote:
> Josh wrote:
> > Sorry for the re-post, keyboard went crazy :/
> >
> > A little schema of what i want to do:
> >
> > Squid proxy ------------------- Proxy Parent 1----Link1----- Internet
> > |
> > |---FO--- Proxy Parent 2 ----Link2----- Internet
> >
> > if Link1 is available,
> > Force squid proxy to go through parent 1 only
> > if Link1 is not available,
> > Force squid proxy to go through parent 2 only
> >
> > I can configure squid with multiple parents but it'll use them both at
> > the same time.
> > I couldn't figure out if there's a way to configure squid with
> > multiple parents in "failover" mode...
> >
> > Hope you can give me some hints...
>
> Squid has a mode FIRST_UP_PARENT which is exactly what you describe.
> I believe its the default unless you configure another selection method.
> So what exactly do you have in your squid.conf for the cache_peer lines?
> and what release of squid is this in?
>
> Amos
> --
> Please use Squid 2.6STABLE17+ or 3.0STABLE1+
> There are serious security advisories out on all earlier releases.
>

Hi,

Thanks for the replies.
Please find below my configuration file for Squid Version 2.6.STABLE16.
So I would need to add a cache_peer line to my conf:
....
cache_peer 10.X.X.X parent 8080 0 default no-query no-digest no-netdb-exchange
cache_peer 10.Y.Y.Y parent 8080 0 no-query no-digest no-netdb-exchange
....

All the requests will go to 10.X.X.X unless it can't reach, am i
correct to say that ?

Thanks again,
Josh

squid.conf:
--------------
http_port 8080
icp_port 0
cache_peer 10.X.X.X parent 8080 0 default no-query no-digest no-netdb-exchange
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_mem 1536 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
maximum_object_size_in_memory 50 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir aufs /usr/local/squid/cache 60000 16 256
access_log /usr/local/squid/logs/access.log squid
hosts_file /etc/hosts
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 0 KB
quick_abort_max 0 KB
half_closed_clients off
shutdown_lifetime 1 seconds
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # https
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 8080
acl purge method PURGE
acl CONNECT method CONNECT
acl snmppublic snmp_community public
acl corpnet dstdomain .corp.local
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access allow CONNECT SSL_ports
http_access allow Safe_Ports
http_access deny all
httpd_suppress_version_string on
visible_hostname proxy
memory_pools off
log_icp_queries off
client_db off
buffered_logs on
never_direct deny corpnet
never_direct allow all
snmp_port 3401
snmp_access allow snmppublic
snmp_access deny all
snmp_incoming_address 127.0.0.1
coredump_dir /usr/local/squid/logs
pipeline_prefetch on
Received on Tue Feb 12 2008 - 19:20:35 MST

This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST