Re: [squid-users] Problem with 2 cache_peer
Thanks Chris, however i need to publish both the server with the same name in the reverse proxy , is there any way we can do it . On Dec 29, 2007 3:05 AM, Chris Robertson <[EMAIL PROTECTED]> wrote: > > Shekhar Gupta wrote: > > All, > > > > I am having this problem with my reverse proxy > > > > Internet > ReverseProxy > Actual Webserver 1 > > > Actual Webserver 2 > > > > My problem is that this site is published on internet say > > abc.mydomain.com , Both the servers are having diff IP 10.1.1.1 and > > 10.1.1.2 > > now i want to have these servers configured in squid.conf , > > > > cache_peer 10.1.1.1 parent 80 0 no-query originserver login=PASS > > round-robin name=abc.mydomain.com > > acl sites_server_9 dstdomain abc.mydomain.com > > cache_peer_access abc.mydomain.com allow sites_server_9 > > cache_peer 10.1.1.2 parent 80 0 no-query originserver login=PASS > > round-robin name=abc.mydomain.com > > acl sites_server_10 dstdomain abc.mydomain.com > > cache_peer_access abc.mydomain.com allow sites_server_10 > > > > Squid throws duplicate entry > > FATAL: ERROR: cache_peer abc.mydomain.com specified twice > > > > Squid Cache (Version 2.6.STABLE13): Terminated abnormally. > > CPU Usage: 0.049 seconds = 0.045 user + 0.004 sys > > Maximum Resident Size: 0 KB > > Page faults with physical i/o: 0 > > Aborted > > > > Can any one suggest how to go for this . > > > > > Don't specify a name and use the IP address in the cache_peer_access > directive, or specify a different name for each. By assigning both > cache_peers the same name, you are not giving Squid a way to > differentiate between the two. > > Chris >
[squid-users] cache_peer maximum limit quesion
Hi all,, I am using squid-2.5-STABLE3 My ISP have more than 10 proxy server. So, I put all proxy server list in squid.conf with cache_peer But squid only find 3 parents and leave other parent without query. I wanna know, how to fix this. I want squid to detect all proxy in list Mr. Crack007
Re: [squid-users] Reverse proxy to bypass government's proxy !!!
On mån, 2007-12-24 at 14:05 +0200, [EMAIL PROTECTED] wrote: > A user requests newdomain.com (which is registered by me and > connected to my server) ---> Squid will get the content of > www.theblockedwebsite.com and deliver it to the end user ---> The > browser's URL remains newdomain.com because if changed the user will > get the ugly "Access Denied" page. > > I did the following configuration: > > -- > > http_port 80 # Port of Squid proxy > httpd_accel_host xx.xx.xx.xx # IP address of web server I need to reach > httpd_accel_port 80 # Port of web server Upgrade to 2.6, then see the FAQ chapter on reverse proxying. Also check your access.log. If it says TCP_MISS/3xx then it's the web server sending the redirect, not Squid.. Regards Henrik
Re: [squid-users] squid3.0 config file
On tis, 2007-12-25 at 11:05 +0800, J. Peng wrote: > What's the primary difference in config file between squid 3.0 and 2.6? > Is there a FAQ showing that? thanks! They are very similar, but there is some features only in one of the versions.. The 3.0 release notes tells what the differences are, and why. Regards Henrik
Re: [squid-users] installing squid3 in production
On ons, 2007-12-26 at 00:57 +0200, Tomer Shoval wrote: > Hi, > I'm interested in putting squid 3 into production. > I've been using squid for 4 years now, but only lately stated playing > with squid3, mainly because i wanted to add the https_port > capabilities. The https_port support for reverse proxying of https sites has been around since Squid-2.5, nothing new in 3.0. In fact 3.0 is still slightly behind 2.6 in this area.. > I'm looking for a sysv init script for squid3 The same you have for squid-2 works with squid-3. No difference there. > and for an how-to > explaining how to put squid into the directory structure squid 2.x was > in (configuration under /etc/squid, logs under /var/squid, squid under > /sbin, etc.) instead of the usr/local/sbin folder structure. If you compile Squid by hand I recommend keeping it in the default /usr/local/squid/ location. The paths to cache and logs is set in squid.conf. Regards Henrik
Re: [squid-users] Reverse proxy issue >> redirection (URL changes)
On fre, 2007-12-28 at 18:04 +0200, Tomer Shoval wrote: > I've noticed that there are some things you can't do even if you get > that version, for instance using https acceleration where the origin > server is on a different port than squid is listening on Sure you can. frontend and backend connection management is isolated. BUT the backend server needs to play nice and be aware of the URL used by the clients for it to send proper redirects. If not you will see users sometimes being bounced to the address the backend server thinks is the right URL. When there is a 1-1 mapping this gets a lot easier as usually the backend server then do not realize there is a frontend other than by the source IP... REgards Henrik
Re: [squid-users] Problem with 2 cache_peer
On sön, 2007-12-30 at 16:37 +0530, Shekhar Gupta wrote: > Thanks Chris, > > however i need to publish both the server with the same name in the > reverse proxy , is there any way we can do it . The name= parameter to cache_peer is only the internal name of the peer within Squid. It has nothing to do with the published site name. So do what Chris said, assign them different names (or use the IP) and add a cache_peer_access line per peer. It will work fine. Regards Henrik
Re: [squid-users] cache_peer maximum limit quesion
On sön, 2007-12-30 at 23:41 +0700, Mr Crack wrote: > So, I put all proxy server list in squid.conf with cache_peer > But squid only find 3 parents and leave other parent without query. > I wanna know, how to fix this. I want squid to detect all proxy in list How did you add them? I.e. what do your cache_peer line look like? is ICP used, or only HTTP? (actually answered by the above..) How do you want Squid to use them? Randomly send requests around to the different peers, or more smartly prefer to use the same peers for session affinity? Regards Henrik
[squid-users] authenticate_ttl question
Hi all, Can you have a authenticate_ttl based on group I want to have two authentication groups FooA and FooB to authenticate using ncsa authentication, password generated using htpasswd, but I want to have the users in FooB to a 15 day limit before they get disconnected. Can this be done? Where can I get more info on using authenticate_ttl Thank you. BSD Networking, Microsoft Notworking
Re: [squid-users] Reverse proxy issue >> redirection (URL changes)
On mån, 2007-12-31 at 03:43 +0200, Tomer Shoval wrote: > well, it didn't work for me. > when i tried that, the backend server, or squid, i'm not sure, > redirected the client to the actual "originserver" which the client > couldn't reach. Squid never redirects unless you explicitly ask it to, so it's your backend. When Squid sends redirects on it's own: 1. WHen deny_info says it should on access denied. 2. When using a url rewriter which says it should. Regards Henrik
Re: [squid-users] authenticate_ttl question
On sön, 2007-12-30 at 20:48 -0500, Monah Baki wrote: > Hi all, > > Can you have a authenticate_ttl based on group No. > I want to have two authentication groups FooA and FooB to > authenticate using ncsa authentication, password generated using > htpasswd, but I want to have the users in FooB to a 15 day limit > before they get disconnected. authenticate_ttl does not do this. It's only an internal bookkeeping parameter telling Squid how long it should remember the existence of a user after successful authentication. HTTP is stateless and the client authenticates to Squid on each and every requests. There is no session to disconnect. To "disconnect" users you need to periodically change their password. Regards Henrik
Re: [squid-users] aufs cache_dir growing beyond configured limits?
On tor, 2007-12-20 at 15:21 -0800, Neil Harkins wrote: > cache_dir aufs /mnt/squid 950 32 384 > /var/log/squid/cache.log:2007/12/20 13:09:03| Reconfiguring Squid > Cache (version 2.5.STABLE11)... > /var/log/squid/cache.log:2007/12/20 13:09:03| Cache dir '/mnt/squid' > size changed to 972800 KB > > What cases cause squid to resize an aufs store > differently than it's configured value? 950 MB == 972800 KB Regards Henrik
Re: [squid-users] 2.7 vs 3.0
On lör, 2007-12-22 at 02:45 +0530, Count Of Dracula wrote: > > > You want 2.6STABLE17 right now, and 2.7 when it is released. =] 3.0 > > > isn't really ready for a production environment yet. > > Can you please explain what is a difference between Squid 2.6,2.7 and > 3.0 ? Why there is a Squid 2.7 branch? For the differences 2.6 / 3.0 see the 3.0 release notes. there is not yet a document outlining the differences 2.6 / 2.7 in an easy manner. But you can read the changelog and browse the changesets to get a feeling of what is going on. Regards Henrik
Re: [squid-users] Problem with 2 cache_peer
Is it possible to direct me to some article or config example . On Dec 31, 2007 6:28 AM, Henrik Nordstrom <[EMAIL PROTECTED]> wrote: > On sön, 2007-12-30 at 16:37 +0530, Shekhar Gupta wrote: > > Thanks Chris, > > > > however i need to publish both the server with the same name in the > > reverse proxy , is there any way we can do it . > > The name= parameter to cache_peer is only the internal name of the peer > within Squid. It has nothing to do with the published site name. > > So do what Chris said, assign them different names (or use the IP) and > add a cache_peer_access line per peer. It will work fine. > > Regards > Henrik > >
