[squid-users] Squid as reverse proxy for two or more webs

erdosain9 erdosain9 at gmail.com
Fri Aug 10 14:26:31 UTC 2018 

> php.mydomain.lan 192.168.1.223
> ticket.mydomain.lan 192.168.1.246

>.. and clients never connect to the above directly. So these domains are
>never to be accessed by users/clients.

The client can connect directly from the domain. (i mean they can connect
directly in work, but i want to do this (proxy reverse, for when they are at
home...) I dont public yet nothing of this, im trying to do it first inside
my network.

>If (as I suspect) the above statements are not true, then your naming is
>the first thing that is wrong.

Why?

>The domain name(s) which your clients access should point to the proxy.
>There can be multiple.

I dont get this.

>Right now your ticket_acl and php_acl are exactly the same. So they are
>telling Squid that both peers are providing identical content (ie both
>are authoritative for anything inside *.mydomain.lan). The first of the
>available peers will be used, unless it starts to overload then the
>second will start receiving the traffic.


>To send traffic to one of the peers and not the other you need some way
>to distinguish between them.

>Normally you would have the ticket.* and php.* domain names both
>pointing at Squid (192.168.1.21) so your ACLs can check for and use the
>domain name to identify which peer is supposed to receive it.

I create two entries pointing to squid in DNS now.
site1.mydomain.lan
site2.mydomain.lan

>The config example you want to follow is
><https://wiki.squid-cache.org/ConfigExamples/Reverse/MultipleWebservers>.

I read that... but i dont get what im doing wrong.


this is the config now.

http_port 192.168.1.21:80 accel vhost


cache_peer 192.168.1.246 parent 80 0 proxy-only name=site1
cache_peer 192.168.1.223 parent 80 0 proxy-only name=site2


acl soporte_acl dstdomain ticket.MYDOMAIN.lan
http_access allow soporte_acl
cache_peer_access site1 allow soporte_acl


acl phplists_acl dstdomain php.MYDOMAIN.lan
http_access allow phplists_acl
cache_peer_access site2 allow phplists_acl

------------------------------------------------------------

But, i get this error

" Unable to forward this request at this time."

1533911112.071      1 192.168.6.20 TCP_MISS/500 4605 GET
http://site1.MYDOMAIN.lan/ - HIER_NONE/- text/html
1533911112.193      0 192.168.6.20 TCP_MEM_HIT_ABORTED/200 4274 GET
http://reverse.MYDOMAIN.lan/squid-internal-static/icons/SN.png - HIER_NONE/-
image/png
1533911124.117      0 192.168.6.20 TCP_MISS/500 4605 GET
http://site2.MYDOMAIN.lan/ - HIER_NONE/- text/html
1533911124.217      0 192.168.6.20 TCP_MEM_HIT_ABORTED/200 4274 GET
http://reverse.MYDOMAIN.lan/squid-internal-static/icons/SN.png - HIER_NONE/-
image/png

Thanks to all.



--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html

More information about the squid-users mailing list