On 21/08/2013 1:17 a.m., Mohsen Dehghani wrote:
> Hi team
>
> I have already implemented tproxy + L2 wccp and it works perfectly except
> one: squid just uses one cpu(core) and other cores on a DELL R710 are
> wasted.
> I have about 140 Mbps traffic and it utilizes 50% of one core. When decided
> to run multicpu squid using this help:
>
> http://wiki.squid-cache.org/ConfigExamples/MultiCpuSystem
>
> I noticed that the backend receives the requests with the ip address of
> frontend(127.0.0.1).
> As my squid machine do not have any public ip ( I just used tproxy before )
> so it cannot get the request and forward it to the frontend. It means the
> backend does not spoof the client ip.
>
> My question is how can I force the backend to use the client ip address to
> get request from internet servers?
>
> My squid version is 3.3.8
> My machine does not have any public IP
With 3.3 series you are likely to find
http://wiki.squid-cache.org/Features/SmpScale workers are better than
separate Squid instances. The config file is far simpler and being a
single layer the TPROXY relay issue is not present.
In theory you can pass TPROXY details through two layers by using the
"no-tproxy" option on the front layers cache_peer line,
"follow_x_forwarded_for allow localhost" on the backend layer. It may
also require tproxy http_port option on the backend layer to handle
setup of the outgoing spoofing properly.
Just theorizing here, if anyone wants to try it please inform us on
how it goes :-) It will definitely fail unless both layers are on the
same box, otherwise it should work.
Amos
Received on Wed Aug 21 2013 - 10:43:54 MDT
This archive was generated by hypermail 2.2.0 : Wed Aug 21 2013 - 12:00:43 MDT