RE: [squid-users] Squid.conf Question Reverse Proxy

From: Jones, Keven <Keven.Jones_at_ncr.com>
Date: Fri, 9 Oct 2009 14:56:53 -0400

I have cleaned up my squid.conf. For some reason the img02.cprpt.com url will not pull from the designated server:

http_port 80 accel defaultsite=img01.cprpt.com
cache_peer 172.19.23.91 parent 80 0 no-query originserver name=myAccel
cache_peer 172.19.23.92 parent 80 0 no-query originserver name=server_2

acl all src 0.0.0.0/0.0.0.0
acl our_sites dstdomain img01.cprpt.com
acl sites_server_2 dstdomain img02.cprpt.com
http_access allow our_sites
cache_peer_access myAccel allow our_sites
cache_peer_access server_2 allow sites_server_2
cache_peer_access myAccel deny all
cache_peer_access server_2 deny all

visible_hostname bv-ic01
cache_dir ufs /data/spool/squid 100 16 256
cache_access_log /data/log/squid/access.log
cache_log /data/log/squid/cache.log
cache_store_log /data/log/squid/store.log

I'm positive it is an issue with my squid.conf. Possibly the http_port 80 accel line that lists the defaultsite=img01.cprpt.com ??

The squid server is caching and able to pull content from img01.cprpt.com but img02.cprpt.com will not hit the web server. Any ideas?

Thx
-----Original Message-----
From: Chris Robertson [mailto:crobertson_at_gci.net]
Sent: Wednesday, October 07, 2009 5:37 PM
To: squid-users_at_squid-cache.org
Subject: Re: [squid-users] Squid.conf Question Reverse Proxy

Jones, Keven wrote:
> This is my current squid.conf. Could someone tell me what I need to
> add in order to accomplish adding a 2nd url img02.cprpt.com which
> will in turn point to a 2nd web server(172.19.23.92) which has separate Content that the existing server(172.19.23.91).
>
>
> http_port 80 accel defaultsite=img01.cprpt.com cache_peer 172.19.23.91
> parent 80 0 no-query originserver name=myAccel acl all src
> 0.0.0.0/0.0.0.0 acl our_sites dstdomain img01.cprpt.com http_access
> allow our_sites cache_peer_access myAccel allow our_sites
> cache_peer_access myAccel deny all visible_hostname bv-ic01
>
>
> I tried the following to no avail:
>
> http_port 80 accel defaultsite=img01.cprpt.com
> cache_peer 172.19.23.91 parent 80 0 no-query originserver name=myAccel
>

I think you need the other cache_peer line above the http_access rules...

>
> acl all src 0.0.0.0/0.0.0.0
> acl our_sites dstdomain img01.cprpt.com
> http_access allow our_sites
>

...especially if this is your only one, as there is an implicit
"http_access deny !our_sites" here, which would prevent access to
img02.cprpt.com.

> cache_peer_access myAccel allow our_sites
> cache_peer_access myAccel deny all
>
> cache_peer 172.19.23.92 parent 80 0 no-query originserver name=server_2
> acl sites_server_2 dstdomain img02.cprpt.com
> cache_peer_access server_2 allow sites_server_2
>
> Thanks in advance!!

Chris
Received on Fri Oct 09 2009 - 18:57:04 MDT

This archive was generated by hypermail 2.2.0 : Sat Oct 10 2009 - 12:00:02 MDT