Aha! Thanks a lot, Amos :-)
I have been suspicious all along that the solution uses miss_access and
never_direct ... but never saw an example anywhere.
Again, much thanks!
** rushes to his proxies to configure them **
Rgds.
[p]
Amos Jeffries wrote:
> Pandu E Poluan wrote:
>> The URL is allowed to be accessed by everyone, ProxyA-users, and
>> ProxyB/C-users alike.
>>
>> I just want the URL to be retrieved by ProxyA, because accessing that
>> certain URL through ProxyB/C is too damn slow (pardon the language).
>>
>>
>> Rgds.
>>
>
> Okay. Thought it might be something like that, just wanted to be sure
> before fuzzing the issue.
>
> You will need to create an ACL just for this URL (an others you want
> to do the same).
> acl objectX ...
>
>
> proxyA needs to allow peers past the miss_access block.
>
> proxyA:
> miss_access allow objectX
> miss_access deny siblings
> miss_access allow all
>
>
> siblings must never go direct to the object (always use their parent
> peer)
>
> proxyB/proxyC:
> never_direct allow objectX
>
> Amos
>
>>
>> Amos Jeffries wrote:
>>> Pandu E Poluan wrote:
>>>> Anyone care to comment on my email?
>>>>
>>>> And another question: Is it possible to use miss_access with a
>>>> dstdomain acl?
>>>>
>>>>
>>>> Rgds.
>>>>
>>>>
>>>> Pandu E Poluan wrote:
>>>>> Hi,
>>>>>
>>>>> I want to know is there a way to force a URL to be retrieved by
>>>>> only a certain proxy, while ensuring that meshing works.
>>>>>
>>>>> Here's the scenario:
>>>>>
>>>>> I have a ProxyA ==> connects to Internet via a fast connection
>>>>> "InetFast"
>>>>> This proxy is used by a group of users that really need fast
>>>>> connection.
>>>>>
>>>>> I have other proxies ProxyB & ProxyC ==> connects to Internet via
>>>>> a slower connection "InetSlow"
>>>>> These proxies are used by the rest of the staff.
>>>>>
>>>>> I configured them all as siblings, with miss_access blocking MISS
>>>>> requests between them, e.g.
>>>>>
>>>>> # Configuration snippet of ProxyA
>>>>> cache_peer <ProxyB> sibling 3128 4827 htcp
>>>>> cache_peer <ProxyC> sibling 3128 4827 htcp
>>>>> acl siblings src <ProxyB>
>>>>> acl siblings src <ProxyC>
>>>>> miss_access deny siblings
>>>>> miss_access allow all
>>>>>
>>>>> ProxyB & ProxyC both has similar config.
>>>>>
>>>>> ( The aim is to 'assist' other staffers using InetSlow so that
>>>>> whatever has been retrieved by the InetFast users will be made
>>>>> available to the rest of the staffs )
>>>>>
>>>>> Now, let's say there's this URL http://www.need-fast-inet.com/
>>>>> that I want to be retrieved exclusively by ProxyA.
>>>>>
>>>>> How would I configure the peering relationships?
>>>
>>> If you can state the problem and the desired setup clearly in
>>> single-sentence steps you have usually described the individual
>>> config settings needed.
>>>
>>> Is the URL allowed to be fetched by the slow users through proxyB
>>> into proxy A and then internet?
>>>
>
>
> Amos
-- *Pandu E Poluan* *Panin Sekuritas* IT Manager / Operations & Audit Phone : +62-21-515-3055 ext 135 Fax : +62-21-515-3061 Mobile : +62-856-8400-426 e-mail : pandu_poluan_at_paninsekuritas.co.id <mailto:pandu_poluan_at_paninsekuritas.co.id> Y!M : hands0me_irc MSN : si-ganteng_at_live.com GTalk : pandu.cakep_at_gmail.comReceived on Wed Apr 08 2009 - 02:36:09 MDT
This archive was generated by hypermail 2.2.0 : Wed Apr 08 2009 - 12:00:02 MDT