On Sat, 15 Jan 2005, Chow mae wrote:
Now the question is: if I use http_accel_uses_host_header on, and the squids have the real IPs in /etc/hosts for logo1-4, then the squids should just be able to hit each of the origin servers on the backend fine, assuming that the requests have host headers for logo1-4, correct ?
Correct.
But you should also set up proper access controls in http_access limiting to which destinations the proxy will allow requests. If not it can easily be abused to reach other sites..
An alternative method is to tell Squid about each web server using cache_peer, control which requests gets sent where with cache_peer_access and force Squid to use the peers via never_direct. This gives you better control over how Squid distributes the load on the web servers, for example if you have multiple backend servers for the same content.
and would there be anything special about having the squid pool take the incoming requests on one interface/IP (seen by the load balancer), and having
Squid doesn't care much about what your network layout looks like, as long as it is a valid network that can be used for TCP/IP communication. So as long as you make sure the routing etc is correctly set up Squid will work fine.
Regards Henrik
