On 30/03/2013 2:26 a.m., C. Pelissier wrote:
> Hi,
>
> How can I configure squid (direct proxy) to redirect to another parent
> proxy only if requested url hostname DNS resolves to a particular
> network (for example 125.0.0.0/32).
>
> With
>
> cache_peer PARENT-PROXY-IP parent 3128 0 proxy-only no-query
>
> all requested client url are redirected to PARENT-PROXY:3128
>
> Example
> If requested url is http://www.fujitsu.com and
> www.fujitsu.com solve to 125.x.y.z how to tell squid to use cache_peer
> and never use it when requested url does not belong to 125.0.0.0/32 IP range.
The answer to your question is: by using a ACL of type dst.
However, there are a few problems involved:
1) domains often have more than one IP address. You will find dst
matches if *any* of the DNS results produce a matching IP. Whether or
not that destination IP is actually used.
2) dst ACL is a "slow" category ACL since it often requires DNS delays.
cache_peer_access is a "fast" type access check which does not wait for
those DNS results to come back.
- You will need to configure the ACL to be tested on in one of the
slow access checks before peer checking, eg http_access in
adapted_http_access.
Amos
Received on Sun Mar 31 2013 - 00:43:35 MDT
This archive was generated by hypermail 2.2.0 : Sun Mar 31 2013 - 12:00:05 MDT