>
> Hi,
>
> i am trying to setup proxy server as show below
>
> Client ==>Sibling ==> Parent==> Internet
Huh? do you mean a:
Client ==>Squid ==> Parent==> Internet ??
'Sibling' is a two-way mesh term, meaning two proxies at teh same level:
Client ==> ProxyA => ...elsewhere
|||
Client ==> ProxyB => ...elsewhere
So ProxyA and ProxyB are siblings, both can re-route requests sideways if
their upstream link fails or if its faster to go that way.
What your config does at present for both proxies is:
> http_port 8080
- listen as a regular proxy on port 8080
> cache_peer proxy1 parent 8080 0 default originserver
- fetch requests by default from parent web server (originserver) proxy1
port 8080.
NP: Squid decodes the regular proxy requests and converts them into
webserver client requests (ie. "GET / HTTP/1.0" instead of "GET
http://proxy/ HTTP/1.0") when sending to originserver peers.
I'm not sure what exactly you are after, but its one of these two setups:
1) Squid proxy gateway with a parent upstream proxy gateway.
(All requests from proxy1 routed through proxy2 parent)
proxy1:
http_port 8080
cache_peer proxy2 parent 8080 0 default
prefer_direct off
proxy2:
http_port 8080
2) two sibling proxies providing failover to the internet.
(all requests go in internet until that machines external link fails,
then they go through sibling)
proxy1:
http_port 8080
cache_peer proxy2 sibling 8080 0
prefer_direct on
proxy2:
http_port 8080
cache_peer proxy1 sibling 8080 0
prefer_direct on
Hope this helps. If not please provide some exact details of what request
flow you are aiming to achieve.
Amos
>
> i got error when we browse any site from parent server as mentioned below
>
> The following error was encountered while trying to retrieve the URL: /
>
> Invalid URL
>
> Some aspect of the requested URL is incorrect.
>
> Some possible problems are:
>
> Missing or incorrect access protocol (should be http:// or similar)
>
> Missing hostname
>
> Illegal double-escape in the URL-Path
>
> Illegal character in hostname; underscores are not allowed.
>
> Your cache administrator is root.
>
> --------------------------------------------------------------------------------
>
> Generated Sun, 17 May 2009 18:13:40 GMT by proxy1 (squid/3.0.STABLE13)
>
> Parent Proxy config
>
>
> http_port 8080
> cache_peer proxy2 sibling 8080 0
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> cache deny QUERY
> acl apache rep_header Server ^Apache
> cache_mem 100 MB
> cache_swap_low 90
> cache_swap_high 95
> access_log /var/log/squid/access.log squid
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> acl US src b.b.b.b-b.b.b.254
> acl server src c.c.c.1-c.c.c.254
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> http_access allow US
> http_access allow server
> http_access allow all
> http_reply_access allow all
> icp_access deny all
> cache_effective_user squid
> cache_effective_group squid
> icp_port 0
> coredump_dir /var/spool/squid
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern (cgi-bin|\?) 0 0% 0
> refresh_pattern . 0 20% 4320
>
>
> Sibling Proxy config
>
> http_port 8080
> cache_peer proxy1 parent 8080 0 default originserver
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> cache deny QUERY
> acl apache rep_header Server ^Apache
> cache_mem 100 MB
> cache_swap_low 90
> cache_swap_high 95
> access_log /var/log/squid/access.log squid
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> acl BLR src a.a.a.1-a.a.a.254
> acl US src b.b.b.b-b.b.b.254
> acl server src c.c.c.1-c.c.c.254
> acl TAC src d.d.d.1-d.d.d.254
> acl all src 0.0.0.0/255.0.0.0
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> http_access allow BLR
> http_access allow US
> http_access allow server
> http_access allow TAC
> http_access deny all
> http_reply_access allow all
> icp_access allow all
> cache_effective_user squid
> cache_effective_group squid
> icp_port 0
> always_direct deny US
> always_direct deny BLR
> always_direct deny TAC
> prefer_direct on
> coredump_dir /var/spool/squid
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
>
> Pls help me on this.
>
> Thanks,
> Bharathvn
> --
> View this message in context:
> http://www.nabble.com/New-Squid3-Stable-13-Setup-tp23601156p23601156.html
> Sent from the Squid - Users mailing list archive at Nabble.com.
>
>
Received on Tue May 19 2009 - 02:57:40 MDT
This archive was generated by hypermail 2.2.0 : Tue May 19 2009 - 12:00:01 MDT