On Thu, Oct 16, 2014 at 12:40 PM, Amos Jeffries squ...@treenet.co.nz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 17/10/2014 8:10 a.m., Darren Spruell wrote:
Had a use case to ask about, apologies if I missed in docs. Is
there a configuration that allows squid running as forward proxy to
add a custom response header containing the origin server IP
address that served the resource? Assuming no cache hierarchy.
In the event that the resource is served from cache, would be
interesting if squid were able to track the IP address from which
the cached resource was originally retrieved to include in
responses. In the event that's not possible, then the IP address of
the cache itself as well as an indication that the resource was
served from cache rather than an upstream origin.
Most resources seem to cover including this information in the
access log, however I'm interested in having the data in the HTTP
response for this case.
IP address is not much useful in the response - any given machine has
multiple of those and they are also shared between anycast servers or
load balancers.
Usefulness (utility) is in the eye of the beholder. :)
It is also a mistake to think of the server as being one machine. It
is becomming extremely popular to use CDN services these days. CDN are
reverse-proxy services in one form or another. So the server may be
a chain of servers on some path through a server farm.
In my case, those abstractions are not significant. The goal is
determining, for a client behind a forward proxy, can the proxy simply
inform the client of the IP address to which the proxy connected to
fetch the resource? The IP address is the key data element for this
case. Even with a CDN the IP address of the frontend is fine.
1) The Via header is closest to what you are seeking. In responses it
contains each servers FQDN or an unique alias. It is supposed to
contain a record of the whole chain of machines the message traversed.
- The problem is that a lot of admin disable it or strip it out of
the traffic. So you may get a proper chain or only what your proxy is
adding, with no easy way to identify missing chain data.
I view the Via header as similar to the Received header in SMTP. In
this case it's added by other proxies/caches, correct? But I have no
cache hierarchy, and simply need the IP address of the origin server.
Squid knows what it is, because it opens a socket to it. It can filter
it with ACLs. It can log it in the access log.
Can it add it into a response header?
DS
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
