RE: [squid-users] disable-internal-dns not working on 2.6.18

Hello again.

I followed that document to the letter here, and squid doesn't want to allow any traffic to my cache sites:

---------
ERROR
The requested URL could not be retrieved

While trying to retrieve the URL: http://my.site.com/

The following error was encountered:

    * Access Denied.

      Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.

Your cache administrator is webmaster.
Generated Thu, 20 Nov 2008 13:27:20 GMT by proxy.site.com (squid/2.6.STABLE18)
-----------

This is what I've added to the squid.conf:

http_port 80 accel defaultsite=my.site.com vhost

cache_peer 192.168.5.15 parent 80 0 no-query originserver name=moon
acl sites_moon dstdomain my.site.com
cache_peer_access moon allow sites_moon

cache_peer 192.168.5.12 parent 80 0 no-query originserver name=triton
acl sites_triton dstdomain terminal.site.com
cache_peer_access triton allow sites_triton

cache_peer 192.168.5.14 parent 80 0 no-query originserver name=titan
acl sites_titan dstdomain files.site.com
cache_peer_access titan allow sites_titan

That's all the guide told me to do, so I'm not sure what to do next. Gosh, I wish this wasn't so difficult.

Joe

-----Original Message-----
From: Joseph Jamieson [mailto:jjamieson_at_futurefoundations.com]
Sent: Thursday, November 20, 2008 11:51 AM
To: 'Amos Jeffries'
Cc: squid-users_at_squid-cache.org
Subject: RE: [squid-users] disable-internal-dns not working on 2.6.18

Hi, thanks for the response.

Indeed, there's apparently a *lot* of old, bad info out there.

I'll follow the doc you linked and hopefully I'll be good to go!

Thanks.

-----Original Message-----
From: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
Sent: Thursday, November 20, 2008 7:37 AM
To: Joseph Jamieson
Cc: squid-users_at_squid-cache.org
Subject: Re: [squid-users] disable-internal-dns not working on 2.6.18

Joseph Jamieson wrote:
> Hello,
>
> I am trying to set up a Squid reverse proxy server in order to direct different web addresses to different servers. The caching function is just an added bonus.
>
> As I understand it, I need to use --disable-internal-dns build option to do this, and put the various host names in /etc/hosts.

No. Just set /etc/hosts. Squid loads it as a fixed set of records always
preferred over remote lookups.

>
> This is an Ubuntu box and I've downloaded all of the packages necessary to build squid, and it does build correctly. I added the --disable-internal-dns option into debian/rules, built binary packages, and installed them.
>

Try "apt-get install squid". No building necessary.
Current Squid by default has all the necessary components to be a
reverse-proxy.

<snip dnsserver helper troubles>
>
> Any ideas? I'd love to get this up and running. Squid 2.6's reverse proxy looks like it's going to be a lot easier to manage than older versions.
>

It is, unfortunately you seem to have come across some of the docs for
obsolete Squid versions that ruined your experience so far.

In general Squid does not need to perform any DNS to act as a reverse-proxy.

Install the Ubuntu squid release and take a read of this page for the
configuration:
   http://wiki.squid-cache.org/SquidFaq/ReverseProxy
(particularly the part 'How Do I Set It Up')

NP: The demo config does not involve DNS. URL domain name in "dstdomain"
ACL and and IP on the "cache_peer <IP> 80 0 ..." lines make it work
without needing to check destination IP.

Amos

--
Please be using
   Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10
   Current Beta Squid 3.1.0.2