[squid-users] squid 5.1: external_acl_type: Get public remote address
David Touzeau
david at articatech.com
Thu Sep 16 18:52:38 UTC 2021
Thanks for the clarification and I agree with you completely.
a multipath and a round-robin DNS method will return different records
between our DNS calculation and the final squid results
It is true that it would be possible to use an external_acl in the
http_reply_access.
Do you think that adding it in this position I would be able to use
squid's resolution results ?
Le 16/09/2021 à 19:43, Alex Rousskov a écrit :
> On 9/16/21 1:30 PM, David Touzeau wrote:
>
>> I'm turning to create a DNS resolution dev and I'm giving up looking
>> retreive this information through Squid.
> Please note that if you do your own DNS resolution, then Squid DNS
> resolution results will probably mismatch your results in some cases.
> There have been many complaints about associated problems from folks
> that went this route...
>
> I am not sure what you are trying to do with that a %<a-based external
> ACL in Squid, so it is difficult to narrow down the solution search
> scope, but Squid does support slow ACLs in certain directives used when
> talking to origin servers or peers (after built-in DNS resolution and
> destination selection) so perhaps there is a way to do what you want
> without Squid modifications.
>
> If there is not, it would not be difficult to add a post-resolution
> directive that supports slow ACLs IMO, but, again, that requires more
> knowledge of the use case -- there are several places where such a
> directive can be added.
>
>
> Cheers,
>
> Alex.
>
>
>
>> Le 16/09/2021 à 19:13, Amos Jeffries a écrit :
>>> On 17/09/21 2:42 am, David Touzeau wrote:
>>>> Thanks Amos for quick answer.
>>>>
>>>> Can you take away any hope of a workaround with Squid ?
>>>>
>>>> This makes me plan having to develop a function that has to perform
>>>> DNS resolution inside the helper with the performance consequences
>>>> that this will impose.
>>>>
>>> I would be looking at a design where a helper classifies requests and
>>> using that later on when the server is known to match up the IP vs the
>>> classification. I'm struggling to think of a flow that works
>>> efficiently though.
>>>
>>> Amos
>>> _______________________________________________
>>> squid-users mailing list
>>> squid-users at lists.squid-cache.org
>>> http://lists.squid-cache.org/listinfo/squid-users
>>
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20210916/301f5f4d/attachment-0001.htm>
More information about the squid-users
mailing list