[squid-users] Reverse proxy question (One ext. hostname, multiple webservers)

From: <brianm_at_bis.midco.net>
Date: Thu, 11 Jul 2013 12:20:30 -0500

Hello squid users,

I'm trying to replace a bluecoat reverse proxy currently in place with squid.

We have one external hostname that points to the reverse proxy (also
has the cert), and based on the endpoint of the URL, the requests get
forwarded to the appropriate web server.

EX. https://rvsprx.domain.com/sftp gets forwarded to an SFTP server
-> https://10.10.10.4/sftp

EX. https://rvsprx.domain.com/splunk gets forwarded to the splunk
server -> https://10.10.10.5/splunk

(There are three backend web servers currently being serviced)

The problem I'm having is that the cache peer that I have listed first
in my conf gets all of the requests. I'm not sure why that is when I
have an ACL for the urlpath_regex specific to the endpoint for each
server. Here is my squid.conf:

----BEGIN - snipped for relevance

https_port 443 accel cert=/usr/squid/trmpub.cert key=/usr/squid/trmpriv.pem connection-auth=on
acl SSL_ports port 443
acl Safe_ports port 443
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

cache_peer 10.10.10.4 parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=server_sftp
acl sftp url_regex [-i] ^https://rvsprx.domain.com/(courier|admin)
http_access allow sftp
cache_peer_access server_sftp allow sftp

cache_peer 10.10.10.5 parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=server_splunk LOGIN=PASS
acl splunk url_regex [-i] ^https://rvsprx.domain.com/splunk
http_access allow splunk
cache_peer_access server_splunk allow splunk

----END

To reiterate my problem, with the above config, I can browse to the
SFTP at https://.../courier or https://.../admin perfectly fine, but
if I try to access https://.../splunk, I get a 404 from the SFTP server.

If I flip the cache_peer statements, I can browse to splunk just fine,
but to the SFTP addresses I get a 404 from the splunk server. In the
access.log file, here is one of those 404s.

1373557623.675 36 172.22.85.4 TCP_MISS/404 282 GET https://rvsprx.com/splunk - FIRSTUP_PARENT/10.10.10.4 text/html

Thank you in advance for any assistance.
Brian
Received on Thu Jul 11 2013 - 17:21:04 MDT
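
Added example, not part of the original post and not Squid's own code: a small Python model of how the two `url_regex` ACL lines above are tokenised, showing that a literal `[-i]` is read as a pattern (a bracket expression matching `-` or `i`) rather than as the `-i` case-insensitivity flag. It assumes Python's `re` behaves like Squid's regex engine for these patterns, that the first eligible peer in config order is the one used (as the FIRSTUP_PARENT log entry suggests), and that `CORRECTED` (plain `-i`) is the intended form; `parse_acls` and `eligible_peers` are hypothetical helper names.

```python
import re

# ACL lines copied from the post, and an assumed correction in which the
# literal "[-i]" is replaced by the real -i flag.
POSTED = """\
acl sftp url_regex [-i] ^https://rvsprx.domain.com/(courier|admin)
acl splunk url_regex [-i] ^https://rvsprx.domain.com/splunk
"""
CORRECTED = POSTED.replace("[-i]", "-i")

# Peers in squid.conf order, each with the ACL its cache_peer_access allows.
PEERS = [("server_sftp", "sftp"), ("server_splunk", "splunk")]


def parse_acls(conf):
    """Return {acl_name: [compiled patterns]} for url_regex ACL lines."""
    acls = {}
    for line in conf.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "acl" or fields[2] != "url_regex":
            continue
        flags = 0
        for token in fields[3:]:
            if token == "-i":      # flag: following patterns ignore case
                flags = re.IGNORECASE
            elif token == "+i":    # flag: back to case-sensitive matching
                flags = 0
            else:                  # anything else is a pattern, "[-i]" included
                acls.setdefault(fields[1], []).append(re.compile(token, flags))
    return acls


def eligible_peers(conf, url):
    """Peers whose cache_peer_access ACL matches url, in config order."""
    acls = parse_acls(conf)
    return [peer for peer, acl in PEERS
            if any(p.search(url) for p in acls.get(acl, []))]


if __name__ == "__main__":
    # Constructed sample URLs using the hostname from the post.
    for url in ("https://rvsprx.domain.com/courier",
                "https://rvsprx.domain.com/splunk"):
        print(url)
        print("  as posted :", eligible_peers(POSTED, url))
        print("  corrected :", eligible_peers(CORRECTED, url))
```
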
