You need to add the vhost option to http_port so that Squid determines
parent via hostname
i.e.
http_port 80 accel defaultsite=example.com vhost
cache_peer 192.168.1.114 parent 80 0 no-query originserver name=server_2
cache_peer_domain server_2 dev.example.com
cache_peer 192.168.1.115 parent 80 0 no-query originserver name=server_1
cache_peer_domain server_1 example.com
*** NOTE: if you have DNS for example.com resolving to Squid, then make
sure you override that in /etc/hosts on the squid boxes, pointing those
records to your origins so that you don't run into a loop.
For ACLs, I would recommend the following:
acl your_site1 dstdomain example.com
acl your_site2 dstdomain dev.example.com
acl origin1 dst 192.168.1.114
acl origin2 dst 192.168.1.115
acl acceleratedPort port 80
cache allow your_site1
cache allow your_site2
http_access allow origin1 acceleratedPort
http_access allow origin2 acceleratedPort
http_access deny all
GL, HTH
- Gregori
-----Original Message-----
From: Karol Maginnis [mailto:nullogic_at_sdf.lonestar.org]
Sent: Tuesday, April 07, 2009 11:30 AM
To: squid-users_at_squid-cache.org
Subject: [squid-users] Reverse Proxy + Multiple Webservers woes
Hello,
I am new to squid but not new to reverse proxies. I am trying to
implement a proxy that would work like this:
www.example.com -> server 1
example.com -> server 1
dev.example.com -> server 2
I have read the wiki here:
wiki.squid-cache.org/SquidFaq/ReverseProxy
But I cant get it to work and I am about to pull my hair out.
My squid.conf looks like:
--------
http_port 80 accel defaultsite=example.com
cache_peer 192.168.1.114 parent 80 0 no-query originserver name=server_2
cache_peer_domain server_2 dev.example.com
cache_peer 192.168.1.115 parent 80 0 no-query originserver name=server_1
cache_peer_domain server_1 example.com
--------
This gives me a big fat: "Access Denied"
So I added this to my squid.conf:
-------
acl our_sites dstdomain example.com dev.example.com
http_access allow our_sites
-------
This clears the "Access Denied" however now all traffic goes to
"server_1"
(the .115 addy).
I have tried all sorts of cute ACLs included but not limited to
delcaring
ACSs for server_1 and server_2 respectively and allowing access to
server_1 from server_1 sites and denying server_2 sites and vice versa.
However this just gives me an "Access Denied" for all sites.
I have also tired every example found on this issue in the Wiki. I feel
like the Wiki is leaving out a key config line that is causing this not
to
work, but I could be wrong.
I am runnig squid:
Squid Cache: Version 2.7.STABLE6
configure options: '--disable-internal-dns'
I hate sending such a simple question to a mailing list but I have read
the squid wiki so much that I almost have it memorized as far as the
ReverseProxy pages are concerned.
Thanks,
-KJ
nullogic_at_sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org
Received on Tue Apr 07 2009 - 18:51:06 MDT
This archive was generated by hypermail 2.2.0 : Wed Apr 08 2009 - 12:00:02 MDT