Re: [squid-users] Issue with multiple Squids / TPROXY / WCCP and DNS load balancing

From: Richard Wall <richard_at_the-moon.net>
Date: Fri, 14 Aug 2009 18:10:58 +0100

On Fri, Aug 14, 2009 at 5:15 PM, Matus UHLAR -
fantomas<uhlar_at_fantomas.sk> wrote:
<snip>
> Squid ignores the original destination of connection in order to provide
> correct content. Many servers provide the same (their own) content
> independently of what Host: you ask for, so the cache would get filled with
> incorrect content. That's one of downfalls when using intercepting proxy.

Hi Matus,

Thanks for taking the time to reply.

I don't understand the point you made above. In any case, I asked the
same question on #squid and Henrik Nordstrom pointed out that we can
work around this problem by using the source IP address for
redirection, rather than the destination address. We've been using
this successfully for the last couple of days.
The only downside is that our two Squid caches now contain duplicate objects.

We're going to see if we can modify the Squid source to use the
requested destination IP address rather than looking it up again. I'll
post here if we make any progress.

<snip>
> avoid using the proxy or explain why you see different host than squid
> does...

It's caused by DNS host records with multiple IP addresses (commonly
used for load balancing, e.g. on the Akamai network).
When the client looks up the host, it gets one IP address, and when
Squid then does a DNS lookup shortly afterwards it receives a
different IP address.

richard_at_largo:~$ dig assets.macys.com A +short
assets.macys.com.edgesuite.net.
a796.b.akamai.net.
80.157.169.145
80.157.169.195
richard_at_largo:~$ dig assets.macys.com A +short
assets.macys.com.edgesuite.net.
a796.b.akamai.net.
80.157.169.195
80.157.169.145

This causes the Cisco router to redirect the response to the other
Squid server which just drops it.

-RichardW.
Received on Fri Aug 14 2009 - 17:11:04 MDT
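
The mismatch described in this message, and the source-address workaround with its duplicate-object downside, as an added simulation that is not part of the original post or of Squid or WCCP code. Assumptions: the cache names, the client addresses, the XOR-fold hash and the bucket table are constructed stand-ins for the router's real assignment, and the return-path service group is assumed to hash the mirror-image field of the outbound one.

```python
import ipaddress

CACHES = ["squid-1", "squid-2"]  # hypothetical names for the two caches
# Constructed assignment table: 256 hash buckets dealt out in runs of 64.
BUCKETS = [CACHES[(b // 64) % 2] for b in range(256)]

def cache_for(ip):
    """XOR-fold the IPv4 octets to a bucket (stand-in for the router's hash)."""
    h = 0
    for octet in ipaddress.IPv4Address(ip).packed:
        h ^= octet
    return BUCKETS[h]

def simulate(client, ip_seen_by_client, ip_seen_by_squid, keyed_on):
    """Return (cache receiving the request, cache receiving the reply)."""
    request = (client, ip_seen_by_client)   # (src, dst) as sent by the client
    reply = (ip_seen_by_squid, client)      # TPROXY: Squid connected as the client
    if keyed_on == "server":                # hash dst outbound, src on return
        return cache_for(request[1]), cache_for(reply[0])
    return cache_for(request[0]), cache_for(reply[1])  # keyed on client address

def caches_storing(clients, server_ip, keyed_on):
    """Which caches end up fetching (and storing) the same object."""
    return {simulate(c, server_ip, server_ip, keyed_on)[0] for c in clients}

if __name__ == "__main__":
    a, b = "80.157.169.145", "80.157.169.195"   # the two A records in the dig output
    client = "192.0.2.10"                        # constructed client address
    print(simulate(client, a, b, "server"))      # reply lands on the other cache
    print(simulate(client, a, b, "client"))      # both directions on one cache
    print(caches_storing([client, "192.0.2.74"], a, "client"))
```

Keying on the server address sends each origin to a single cache, but breaks whenever Squid's lookup returns a different record than the client's did; keying on the client address keeps both directions together at the cost of each cache storing its own copy.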
