On Wed, 2008-06-11 at 13:15 +1200, Amos Jeffries wrote:
>
> You need a cache_peer for each unique source (the app server and the
> upstream proxy.)
> Chris has already pointed you at cache_peer_access. That with a few
> dstdomain ACL can route the app requests to the app peer and the rest at
> the parent proxy.
>
> Using a cache_peer for the app server drops any need for special DNS or
> hosts file config. Everything happens at one place inside the squid.conf.
>
>
> Amos
Thanks Amos + Chris!
I didn't like putting in fake DNS entries anyway, so this way is much
cleaner. For the archives, I have a 'edge' squid proxy, which can access
the internet, and an internal Apache reverse proxy serving versions of
our public websites for testing. I added an internal squid proxy, which
sends requests for the 'testing' versions of the websites to the
internal Apache reverse proxy, and requests for other sites onto the
edge squid proxy.
For the archive, the configuration is surprisingly simple:
acl tested_sites dstdomain www.foo.com
acl tested_sites dstdomain svc.foo.com
(etc)
cache_peer edge-proxy.internal parent 3128 0 proxy-only default
cache_peer apache-reverse-proxy.internal parent 80 0
cache_peer_access edge-proxy.internal deny tested_sites
cache_peer_access apache-reverse-proxy.internal deny !tested_sites
Thanks again
Tom
This archive was generated by hypermail 2.2.0 : Thu Jun 12 2008 - 12:00:04 MDT