[squid-users] Cache peer selection with duplicate host names

squid-users at filter.luko.org squid-users at filter.luko.org
Mon Apr 24 02:12:22 UTC 2017 

Hi Squid users,

I'm having some trouble understanding Squid's peer selection algorithms, in
a configuration where multiple cache_peer lines reference the same host.

The background to this is that we wish to present cache service using
multiple accounts at an upstream provider, with account selection taking
place based on the local TCP port (8080, 8181, 8282) the request arrived on.

First we define the cache peers:

cache_peer proxy.myisp.net parent 8080 0 login=staffuser:abc123 no-query
no-digest no-netdb-exchange connect-timeout=1 connect-fail-limit=2
name=Staff
cache_peer proxy.myisp.net parent 8080 0 login=guestuser:abc123 no-query
no-digest no-netdb-exchange connect-timeout=1 connect-fail-limit=2
name=Guest
cache_peer proxy.myisp.net parent 8080 0 login=PASS no-query no-digest
no-netdb-exchange connect-timeout=1 connect-fail-limit=2 name=Student

Then lock access down:

acl localport_Staff localport 8282
acl localport_Guest localport 8181
acl localport_Student localport 8080
cache_peer_access Staff allow localport_Staff !localport_Guest
!localport_Student
cache_peer_access Guest allow localport_Guest !localport_Staff
!localport_Student
cache_peer_access Student allow localport_Student !localport_Guest
!localport_Staff

To reproduce the error, first a connection is made with wget to tcp port
8282:

  http_proxy=http://10.159.192.24:8282/ wget www.monash.edu --delete-after

Squid selects the Staff profile as expected:

  1492999376.993    811 10.159.192.26 TCP_MISS/200 780195 GET
http://www.monash.edu/ - FIRSTUP_PARENT/Staff text/html "EDU%20%20%20en"
"Wget/1.12 (linux-gnu)"

Then another connection is made, this time to port 8080:

  http_proxy=http://10.159.192.24:8080/ wget www.monash.edu --delete-after

But instead of the desired Student profile being selected, the Staff profile
is still used instead:

  1492999405.953    338 10.159.192.26 TCP_MISS/200 780195 GET
http://www.monash.edu/ - FIRSTUP_PARENT/Staff text/html "EDU%20%20%20en"
"Wget/1.12 (linux-gnu)"

I had a look in the cache.log with debug_options 44,6 enabled.  None of the
messages reference the contents of the name= parameter in the cache_peer
lines; only hostnames and IP addresses are mentioned.  I suspect that the
peer selection algorithms have changed since Squid 3.1, whereby peers are
now selected based on hostname (or IP address) rather than the name defined
in the cache_peer line.  Is this correct?  If so, is there any other way to
achieve the functionality outlined above (hit different usernames on an
upstream peer based on which localport the request arrived on?)

Cheers
Luke

More information about the squid-users mailing list