On 20/08/22 11:20, Marcelo wrote:
Thanks Alex,
1- Is it possible to provide me with an example of squid.conf of both parent
and child squids?
I am having very basic doubts about cache_peer and its very hard to find
complete squid.confs over the internet.
FWIW, *complete* squid.conf are usually useless because every network is
different. What you actually want is the *pieces* that do what you need.
2- cache-peer really routes the connection to the second squid server or
just look for a hit in a second server's cache?
I need the second server to not just authenticate the user, but to know from
which port the user got in the first squid server in order to forward this
user through different routes based on this incoming port number.
cache_peer directive is just the settings for *how* to connect to a
particular server. What URL format to use, whether to use TLS/SSL or
not, any non-80/443 port to connect to, what/how to pass login
credentials, etc.
cache_peer_access determines what traffic can (or must) be sent on a TCP
connection setup with a cache_peer's settings.
To pass unusual data like the original client info you should add a
Forwarded header with the relevant details.
So, in your frontend proxy you have:
# Special parent proxy for some traffic
cache_peer ... name=X
# which traffic to send to the special parent
acl specials dstdomain ...
never_direct allow specials
cache_peer_access X allow specials
cache_peer_access X deny all
# markup the traffic with Forwarded details
forwarded_for transparent
request_header_add Forwarded "for=%>a;by=_%lp" specials
In your backend Squid this ACL below matches the Forwarded header
received there. Use it as necessary to decide your traffic handling:
# match when frontend marked port X as receiving
acl portX req_header Forwarded ;by=_X(,|$)
HTH
Amos
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
