[squid-users] HAProxy + Squid

neok service.mv at gmail.com
Thu Aug 8 13:47:56 UTC 2019 

Hi, I finally did the configuration differently. It's working very well for
me.

In squid.conf configuring:
acl haproxy src x.x.x.x # HAProxy Load Balancer IP
follow_x_forwarded_for allow haproxy

In haproxy.cfg configuring:
defaults
        global log
        mode http
        option httplog
        option dontlognull
        timeout connect 5000
        timeout client 50000
        timeout server 50000
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http

frontend squid
        bind *:3128
        default_backend squid_pool

backend squid_pool
        mode http
        SERVERID cookie insert indirect nocache
        balance source
        hash-type consistent
        option httpclose
        option forwardfor header X-Client
        option forwardfor
        server px1 x.x.x.1:3128 check inter 2000 rise 2 fall 3
        server px2 x.x.x.2:3128 check inter 2000 rise 2 fall 3

Greetings!

Gabriel 


Rafael Akchurin wrote
> Hello Gabriel,
> 
> We do exactly that in our lab, see docs at
> https://docs.diladele.com/administrator_guide_7_0/active_directory_extra/redundancy/haproxy_proxy_protocol.html
> It works perfectly.
> 
> Best regards,
> Rafael Akchurin
> Diladele B.V.
> 
> 
> 
> From: squid-users [mailto:

> squid-users-bounces at .squid-cache

> ] On Behalf Of Service MV
> Sent: Monday, July 22, 2019 4:37 PM
> To: 

> squid-users at .squid-cache

> Subject: [squid-users] HAProxy + Squid
> 
> Hello everyone, I would like to know if the configuration I want to do is
> viable:
> 1 Load Balancer HAProxy configured in TCP mode.
> 2 Squid servers 4.7.2 with negotiate kerberos authentication and LDAP
> group authorizations.
> The idea is that the web clients of my lan point to the IP/Name of the
> Load Balancer and that this distributes the load between the proxy
> servers.
> Attached is a link to a configuration diagram.
> https://cloudcraft.co/view/00ccd7cb-861c-4e70-a38e-980fdd6cfad3?key=iEa-Gyp8R0ZSh-fxDNi58A
> Thank you very much in advance for your comments.
> Best regards
> 
> Gabriel
> 
> 
> _______________________________________________
> squid-users mailing list

> squid-users at .squid-cache

> http://lists.squid-cache.org/listinfo/squid-users





--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html

More information about the squid-users mailing list