[squid-users] Squid cache_peer in tproxy
Amos Jeffries
squid3 at treenet.co.nz
Mon Jun 8 22:42:33 UTC 2015
On 8/06/2015 9:20 p.m., Stakres wrote:
> Hi All,
>
> We're facing a weird issue with the cache_peer and tproxy.
>
> Squid 3.5.4
> users -> squid1 -> squid2/squid3 -> internet
>
> squid1:
> http_port 3128
> http_port 3129 tproxy
> icp_port 3130
> cache_peer 192.168.1.2 parent 3128 3130 proxy-only weighted-round-robin
> background-ping no-digest
> cache_peer 192.168.1.3 parent 3128 3130 proxy-only weighted-round-robin
> background-ping no-digest
>
> squid2:
> http_port 3128
> icp_port 3130
> cache_peer 192.168.1.3 sibling 3128 3130 proxy-only no-digest
>
> squid3:
> http_port 3128
> icp_port 3130
> cache_peer 192.168.1.2 sibling 3128 3130 proxy-only no-digest
>
> The user IPs are corrects at the squid1 but we lost them at the
> squid2/squid3, here we see the squid1 ip only.
> Where are we wrong ?
Lost in what way?
The expected behaviour is that the client IP is used as src-IP on the
squid1->squid2 or squid1->squid3 TCP connections. TPROXY in squid1 has
no involvement with squid2/squid3 past that.
Since a cache_peer proxy cannot be a TPROXY (origin server) by
definition the other proxies connect out with their own IPs to upstream
servers.
Amos
More information about the squid-users
mailing list