Pandu E Poluan wrote:
> Hmmm... strange...
>
> Now, instead of accessing the site objectX, ProxyB and ProxyC users
> can't access the site at all...
>
> But no SQUID error page shows up... the browser simply times out...
> Accessing URLs other thatn objectX still works...
>
> objectX is accessible via ProxyA, though.
>
> The changes I made currently:
>
> On ProxyA:
>
> acl objectX dstdomain ...
dstdomain covers a whole site or more. You perhapse want to use
dstdomain + urlpath_regex then:
acl siteX dstdomain example.com
acl objectX urlpath_regex ^/fubar
miss_access allow siteX objectX
etc..
> miss_access allow objectX
> always_direct allow objectX
>
> On ProxyB/C:
>
> acl objectX dstdomain ...
> never_direct allow objectX
>
> I'll experiment with the settings... maybe also "miss_access allow
> objectX" on ProxyB and ProxyC?
>
>
> Rgds.
>
>
>
> Pandu E Poluan wrote:
>> Aha! Thanks a lot, Amos :-)
>>
>> I have been suspicious all along that the solution uses miss_access
>> and never_direct ... but never saw an example anywhere.
>>
>> Again, much thanks!
>>
>> ** rushes to his proxies to configure them **
>>
>>
>> Rgds.
>>
>>
>> [p]
>>
>>
>> Amos Jeffries wrote:
>>> Pandu E Poluan wrote:
>>>> The URL is allowed to be accessed by everyone, ProxyA-users, and
>>>> ProxyB/C-users alike.
>>>>
>>>> I just want the URL to be retrieved by ProxyA, because accessing
>>>> that certain URL through ProxyB/C is too damn slow (pardon the
>>>> language).
>>>>
>>>>
>>>> Rgds.
>>>>
>>>
>>> Okay. Thought it might be something like that, just wanted to be sure
>>> before fuzzing the issue.
>>>
>>> You will need to create an ACL just for this URL (an others you want
>>> to do the same).
>>> acl objectX ...
>>>
>>>
>>> proxyA needs to allow peers past the miss_access block.
>>>
>>> proxyA:
>>> miss_access allow objectX
>>> miss_access deny siblings
>>> miss_access allow all
>>>
>>>
>>> siblings must never go direct to the object (always use their parent
>>> peer)
>>>
>>> proxyB/proxyC:
>>> never_direct allow objectX
>>>
>>> Amos
>>>
>>>>
>>>> Amos Jeffries wrote:
>>>>> Pandu E Poluan wrote:
>>>>>> Anyone care to comment on my email?
>>>>>>
>>>>>> And another question: Is it possible to use miss_access with a
>>>>>> dstdomain acl?
>>>>>>
>>>>>>
>>>>>> Rgds.
>>>>>>
>>>>>>
>>>>>> Pandu E Poluan wrote:
>>>>>>> Hi,
>>>>>>>
>>>>>>> I want to know is there a way to force a URL to be retrieved by
>>>>>>> only a certain proxy, while ensuring that meshing works.
>>>>>>>
>>>>>>> Here's the scenario:
>>>>>>>
>>>>>>> I have a ProxyA ==> connects to Internet via a fast connection
>>>>>>> "InetFast"
>>>>>>> This proxy is used by a group of users that really need fast
>>>>>>> connection.
>>>>>>>
>>>>>>> I have other proxies ProxyB & ProxyC ==> connects to Internet via
>>>>>>> a slower connection "InetSlow"
>>>>>>> These proxies are used by the rest of the staff.
>>>>>>>
>>>>>>> I configured them all as siblings, with miss_access blocking MISS
>>>>>>> requests between them, e.g.
>>>>>>>
>>>>>>> # Configuration snippet of ProxyA
>>>>>>> cache_peer <ProxyB> sibling 3128 4827 htcp
>>>>>>> cache_peer <ProxyC> sibling 3128 4827 htcp
>>>>>>> acl siblings src <ProxyB>
>>>>>>> acl siblings src <ProxyC>
>>>>>>> miss_access deny siblings
>>>>>>> miss_access allow all
>>>>>>>
>>>>>>> ProxyB & ProxyC both has similar config.
>>>>>>>
>>>>>>> ( The aim is to 'assist' other staffers using InetSlow so that
>>>>>>> whatever has been retrieved by the InetFast users will be made
>>>>>>> available to the rest of the staffs )
>>>>>>>
>>>>>>> Now, let's say there's this URL http://www.need-fast-inet.com/
>>>>>>> that I want to be retrieved exclusively by ProxyA.
>>>>>>>
>>>>>>> How would I configure the peering relationships?
>>>>>
>>>>> If you can state the problem and the desired setup clearly in
>>>>> single-sentence steps you have usually described the individual
>>>>> config settings needed.
>>>>>
>>>>> Is the URL allowed to be fetched by the slow users through proxyB
>>>>> into proxy A and then internet?
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13 Current Beta Squid 3.1.0.6Received on Wed Apr 08 2009 - 04:32:38 MDT
This archive was generated by hypermail 2.2.0 : Wed Apr 08 2009 - 12:00:02 MDT