[squid-users] help setting up hierarchy
Alex Samad
alex at samad.com.au
Sun Mar 15 22:24:34 UTC 2015
Hi
I have 2 squid boxes that exist in my 2 DC.
They are on the same vlan/ ip network and i use dns round robin
cache_peer <other> sibling 3128 3130 proxy-only
in addition to this I added in
# ICP ALLOW
acl icp_allowed src 10.3.2.1/32 << the ip of the other squid box to allow icp
http_access allow icp_allowed << need to allow this so that squid -a
can request from squid-b with out authenticating (do I need todo this)
icp_port 3130
icp_access allow icp_allowed
icp_access deny all
these are running squid-3.1.10-29.el6.x86_64
my new box (in the office) is running
squid-3.4.10-1.el6.x86_64
cache_peer squid-b parent 3128 0 weighted-round-robin weight=5
cache_peer squid-a parent 3128 0 weighted-round-robin weight=2
I had to turn on ICP I kept seeing error of not allowed !
We have authenticated access to the proxy, usually via ntlm so all
requests are logged against a user.
I do have some boxes that need unauthenticated access
Config questions
1) how to I get user authentication to flow through
if a user requests from squid-a and it takes it from squid-b. I
would like the user id's logged on both
if a user requests from new squid to either squid-a or squid-b. I
would like the auth (which would be done on new-squid) to flow through
to either squid-a or squid-b.
2)
More information about the squid-users
mailing list