[squid-users] Working proxy_protocol_access settings on Squid 3.5 or 4?
twk at ncsu.edu
Tue Sep 24 16:02:07 UTC 2019
Our current production configuration is squid 3.123 with LVS load
balancing. The desired production configuration is 3.5.20 with a FortiADC
load balancer. I am working with networking staff on the configuration. If
I directly connect to the actual proxy server behind the load balancer, I
2019/09/24 11:31:46 kid1| PROXY protocol error: invalid header from local=
220.127.116.11:3128 remote=18.104.22.168:65220 FD 16 flags=1
Relevant squid.conf on the server looks like this :
acl fortiadc src 10.50.54.0/24
acl fortiadc src 22.214.171.124/24 <----temporary for testing by going
directly to the proxy server and not the load balancer
proxy_protocol_access allow fortiadc
proxy_protocol_access allow localnet
follow_x_forwarded_for allow localhost
follow_x_forwarded_for allow localnet
http_port 3128 require-proxy-header
I have tried adding the following...it appears to make no difference.
So, you are saying that v4 does not contain changes to fix the "PROXY
protocol error" and my only option at this point is v5 code? (or fall back
to using LVS with 3.5.20) Just trying to understand my options.
On Mon, Sep 23, 2019 at 4:47 PM Alex Rousskov <
rousskov at measurement-factory.com> wrote:
> On 9/23/19 4:14 PM, Tom Karches wrote:
> > The suggestion was to move to Squid 4 as noted here :
> > This was back in Oct 2018. Has anything changed since then?
> Yes, the changes I mentioned then have been accepted:
> The above pull request contained lots of PROXY protocol fixes and
> several important improvements. Those changes are not in v4, but master
> (future v5) code is available and works well for some. YMMV.
> I do not recall any fixes going back into v3, but I did not check.
> squid-users mailing list
> squid-users at lists.squid-cache.org
NCSU OIT CSI - Systems Specialist
M.E Student - Technology Education
Hillsborough 319 / 919.515.5508
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the squid-users