Thanks Amos for your reply, but I have some confusion (see below)
On 11/10/2011 8:06 PM, Amos Jeffries wrote:
> On 11/11/2011 12:00 p.m., Wilson Hernandez wrote:
>> Hello List.
>>
>> I would like to know how I can use two squid servers to redirect
>> traffic for an especific page through the second squid server
>> connected to a different provider.
>>
>> For ie:
>> squid2 ---- provider 1 (used for facebook.com
>> ONLY)
>> |
>> lan ---------------- |
>> |
>> squid1 ---- provider 2 (default server used
>> for everything except facebook)
>>
>>
>> I need to know how to use squid2 as a slave and what configuration do
>> I need on squid1 (master) in order for me to accomplish my task or
>> the rules need to be done with iptables?
>>
>
> The term master/slave terms may be where you are getting into trouble.
> In HTTP terminology there are "parent/child" and "sibling"
> relationships only. The parent/child relationship is a little
> different from master/slave concept due to the two-way nature of the
> data flow. Child is master of the request flow and slave for the
> reply flow. Parent is master of the reply flow and slave for the
> request flow.
>
> If I interpret your message right you are asking about squid2 as
> parent, squid1 as child. Nothing special for squid2 config. This would
> be the config for squid1:
>
> # link squid1 to parent (data source) squid2
> # see http://www.squid-cache.org/Doc/config/cache_peer/ for the
> actual text
> cache_peer squid2 parent ...
>
So, this would go in squid1:
cache_peer squid2's-ip parent
This confuses me somewhat because i thought squid1 would be the squid2's
parent since squid1 would be the default for everything and it will send
request to squid2 for facebook traffic responding back to squid1 and
squid1 responding to the client (please, correct me if I'm wrong).
So, still all the LAN traffic would hit squid1... wouldn't this be the
same as I have it now? I would like to see if facebook traffic gets
better in our LAN....
> # specify that only facebook.com requests goes to squid2
> acl FB dstdomain .facebook.com
> cache_peer_access allow FB
> cache_peer_access deny all
>
> # specify that squid1 MUST NOT service facebook.com requests itself
> never_direct allow FB
>
Thanks.
>
> Alternatively you maybe could also do this with only one Squid server
> by marking packets for facebook.com requests with tcp_outgoing_tos or
> tcp_outgoing_address which the OS layer routing detects and sends to
> provider 1 interface and blocks from accessing provider 2.
>
>
> Amos
Received on Fri Nov 11 2011 - 01:18:28 MST
This archive was generated by hypermail 2.2.0 : Fri Nov 11 2011 - 12:00:02 MST