We have been using several squid servers in accelerator mode for a number of
years mainly for load balancing to send public requests to backend servers.
The requests to the squids typically come via a well known commercial caching
service. The squids don't do any caching, they just forward r
Thanks for the great explanation. Much appreciated.
On Fri, Aug 30, 2019, at 2:10 PM, Alex Rousskov wrote:
> On 8/30/19 2:41 PM, sq...@buglecreek.com wrote:
>
> > All requests will always start with www.example.com / or
> > origin-www.example.com/
>
> If that is true, why check domain na
We use several squid servers in accelerator mode for load balancing to send
public requests to backend servers. The squids don't do any caching, they
just forward requests to the backend.
We have cache_peer directives to send the incoming requests to the backend
Apache servers. What I need
We have been using several squid servers in accelerator mode for a number of
years mainly for load balancing to send public requests to backend servers.
The requests to the squids typically come via a well known commercial caching
service. The squids don't do any caching, they just forward r
On Thu, Mar 28, 2019, at 7:14 PM, Alex Rousskov wrote:
> On 3/28/19 5:36 PM, Alex Rousskov wrote:
> > On 3/28/19 8:13 AM, cred...@eml.cc wrote:
> >> Is using the http_reply_access deny a viable option if all else fails
> >> to correct the issue until we can upgrade?
>
> > Probably it is not: I a
On Wed, Mar 27, 2019, at 4:23 PM, Alex Rousskov wrote:
> On 3/27/19 3:17 PM, sq...@buglecreek.com wrote:
> > Operating in reverse proxy mode. I'm trying to send a TCP reset in
> > response to the acl below:
> >
> > acl example_url url_regex -i [^:]+://[^0-9]*.example.com.*
> > deny_info TCP_R
I have seen the use of deny_info done a few ways in regard to the
placement of the htttp_access line:
acl www dstdomain www.example.com
deny_info http://www.other.com www
http_access deny www
Or
http_access deny www
deny_info http://www.other.com www
The example on the squid acl page uses the
I have a 3.1 accelerator and have set the logs up to emulate _httpd_log.
On the standard squid log I can see which backend server the request
was sent to:
1481343537.601 1 192.168.1.227 TCP_MISS/200 496 GET
https://192.168.1.102/ - ROUNDROBIN_PARENT/192.168.1.21 text/html
When I turn on ht
On Fri, Jan 20, 2017, at 01:42 AM, Amos Jeffries wrote:
> On 20/01/2017 3:01 p.m., creditu wrote:
> > Had a question about dst and dstdomain acls. Given the sample below:
> >
> > http_port 192.168.100.1:80 accel defaultsite=www.example.com vhost
> > acl ww
Had a question about dst and dstdomain acls. Given the sample below:
http_port 192.168.100.1:80 accel defaultsite=www.example.com vhost
acl www dstdomain www.example.com dev.example.com
cache_peer 10.10.10.1 parent 80 0 no-query no-digest originserver
round-robin
cache_peer_access 10.10.10.1 allo
On Mon, Dec 19, 2016, at 06:58 PM, cred...@eml.cc wrote:
>
> On Sun, Dec 18, 2016, at 11:24 PM, Amos Jeffries wrote:
> > On 19/12/2016 5:59 p.m., creditu wrote:
> > >
> > > On Sun, Dec 18, 2016, at 01:21 PM, Michael Pelletier wrote:
> > >&
On Sun, Dec 18, 2016, at 11:24 PM, Amos Jeffries wrote:
> On 19/12/2016 5:59 p.m., creditu wrote:
> >
> > On Sun, Dec 18, 2016, at 01:21 PM, Michael Pelletier wrote:
> >> Check your file permissions on the key.
> >>
> >> On Dec 18, 2016 2:13 PM, cr
On Sun, Dec 18, 2016, at 01:21 PM, Michael Pelletier wrote:
> Check your file permissions on the key.
>
> On Dec 18, 2016 2:13 PM, wrote:
>
> > I'm having trouble getting the sslpassword_program working for an
> > encrypted key. Config looks like this:
> >
> > sslpassword_program /usr/local/bi
I'm having trouble getting the sslpassword_program working for an
encrypted key. Config looks like this:
sslpassword_program /usr/local/bin/pass.sh
https_port 10.10.10.1:443 accel vhost cert=/etc/squid/www.crt
key=/etc/squid/private.key
On start, cache log states "Ignoring https_port 10.10.10.
On Tue, Dec 13, 2016, at 06:33 PM, Amos Jeffries wrote:
> On 14/12/2016 2:10 p.m., creditu wrote:
> > Looking for the best way to provide cache peer access for two urls on a
> > 3.1 accelerator. For example if a set of backend servers fullfill
> > requests for both ww
Looking for the best way to provide cache peer access for two urls on a
3.1 accelerator. For example if a set of backend servers fullfill
requests for both www.example.com and www-legacy.example.com is the
following the correct way to handle them in regards to the cach peer
access?
http_port 19
On Sun, Dec 4, 2016, at 08:19 PM, Amos Jeffries wrote:
> On 5/12/2016 1:44 p.m., cred...@eml.cc wrote:
> > For a 3.1 accelerator we have put the followinconfig together. This
> > accelerator will not be doing any caching since we use an external
> > service. Initially both http and https will be
For a 3.1 accelerator we have put the followinconfig together. This
accelerator will not be doing any caching since we use an external
service. Initially both http and https will be provided. Some
questions: I think the ordering of statements and acls is correct, but
was hoping to get some fe
On Sat, Dec 3, 2016, at 04:13 PM, Amos Jeffries wrote:
> On 4/12/2016 11:08 a.m., creditu wrote:
> > I am trying to finalize an accelerator configuration in 3.1. The
> > accelerator has cache disabled (we use an external service) with cache
> > deny all. We have several
I am trying to finalize an accelerator configuration in 3.1. The
accelerator has cache disabled (we use an external service) with cache
deny all. We have several public IPs that send requests to back end
Apache servers using http. The accelerator will provide both http and
https for a while. A
Thanks for the explanation. We are on not on 3.2 (or greater) yet and
it doesn't appear concurrency is supported, so it looks like a single
threaded redirector for a little while longer.
On Sat, Nov 26, 2016, at 01:44 AM, Amos Jeffries wrote:
> On 26/11/2016 8:54 a.m., cred...@eml.cc wrote:
>
Using the first example in the link that was shared
(http://wiki.squid-cache.org/Features/Redirectors), I was able to get it
to work after seeing what was being sent to the redirector script. In
my case the URL was at $X[0] and I had to remove all references to $X[0]
in what was being sent back to
I'm in the process of converting all our sites from purely http to https
using squid accelerators . During the initial roll out both http and
https will be accepted. After that we want to only accept https, so a
redirect from http to https will be needed. What I have below seems to
work, but I w
I'm having trouble understanding how to configure an accelerator to
handle multiple IPs and backend servers. In the past we used virtual
IPs and a redirector script to send the requests to a given backend.
Now we need to change to cache peer statements.
Given the following:
Squid listens on:
We have been using squid in accelerator mode for a number of years. In
the current setup we have the squid frontends that send all the http
requests to the backend apache webservers using a simple redirect
script. We need to switch to https for the public presence.
So, our initial thought would b
25 matches
Mail list logo
