[squid-users] https_port Listen on different IP
Amos Jeffries
squid3 at treenet.co.nz
Sun Oct 21 06:15:47 UTC 2018
On 21/10/18 6:12 AM, Alex Rousskov wrote:
> On 10/20/18 7:47 AM, houheming wrote:
>> 1. Configure Squid to automatically generate origin server certificates
>> (signed by a configured CA X) and send them to browsers/clients that go
>> to those origin servers.
>
> OK.
>
>
>> If I configure squid like:
>>
>> https_port 180.97.33.107:443 ...
>> https_port 180.97.33.108:443
>> https_port 443
>
>> when I use “squid –k reconfigure” to reconfigure squid, no error message.
>
> In general, avoid using "-k anything" as the primary configuration test.
> It just complicates matters by introducing a different error checking
> context. Use a clean start. I am _not_ saying that a clean start would
> have solved your problem in this particular case.
>
>
>> But when I check the tcp ports listening:
>
> [image showing the first two out of three configured :443 ports]
>
> If Squid did not complain about anything but did not start listening on
> one of the configured ports, then there is a Squid error reporting bug
> somewhere. Feel free to report it to Squid bugzilla.
>
> My suggestion to reorder those https_port lines was wrong. The wildcard
> bind(INADDR_ANY) system call does not bind to "any available" address.
> It binds to "all" addresses and, hence, fails if one of the addresses is
> not available.
Aye.
Just double-checked, Squid does report this problem:
"2018/10/21 19:12:30 kid1| ERROR: listen( FD 21, [::] [ job2], 256):
(98) Address already in use"
... but only only for -k start / restart / reconfigure.
The -k parse does not check it.
Amos
More information about the squid-users
mailing list