[squid-dev] How to enable proxy protocol v2 on squid version 4.6.1, and NLB

summaiya summaiya at amazon.co.uk
Fri Jun 21 10:45:33 UTC 2019

Hi All, 

I have deployed EC2 Egress URL Filtering Squid Proxy solution, I have used
AWS PrivateLink to centralize web filtering in explicit mode. Squid proxy
farm is implemented by a Network Load Balancer which distributes TCP
requests across multiple Target Squid proxy instances, running in separate
Availability Zones

My setup is similar to that mentioned in this blog :-

I have installed Squid version 4.6.1, but the access log do not show the
client ip address, even though I added the below rules:- 
http_port 3128 require-proxy-header
http_port 3128
proxy_protocol_access allow localnet

The proxy settings at the client are below :-
[root at ip-172-16-1-99 ~]# export | grep proxy
declare -x
declare -x
declare -x no_proxy="

But still the access logs do not show the client ip address, am I missing
something in the solution.Do I have to enable the proxy protocol v2 at NLB
level as welll, will it break the application? 
I checked most of the similar blogs, but I did not find any proper solution.

Squid Access logs :- showing ip address of NLB not client ip address 

[root at ip-10-0-0-193 squid]# cat access.log
1560426278.960      0 TAG_NONE/400 4546 NONE error:invalid-request
- HIER_NONE/- text/html
1560426279.647      0 TAG_NONE/400 4546 NONE error:invalid-request
- HIER_NONE/- text/html

Kindly provide some steps which I need to take care at squid servers conf
file and at client instance.


Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Development-f1042840.html

More information about the squid-dev mailing list