[squid-users] Advice on Cache Peer ACLs
creditu at eml.cc
creditu at eml.cc
Fri Aug 30 15:44:56 UTC 2019
We use several squid servers in accelerator mode for load balancing to send public requests to backend servers. The squids don't do any caching, they just forward requests to the backend.
We have cache_peer directives to send the incoming requests to the backend Apache servers. What I need to do is send requests to a certain page to a specific backend server and all others to the other backends. The site has many pages, subpages etc.
What I want to do is if someone requests:
https://www.example.com/anything/anything/script.php or https://origin-www.example.com/anything/anything/etc/etc/script.php
Send the request to only .1, .2,.3.
If someone requests :
https://www.example.com/anything/tst/map2/script.php or https://origin-www.example.com/anything/anything/tst/map1/etc/script.php
Send that request only to .4 and .5.
It seems to work most of the time, but tailing the access logs on the servers I sometimes see one of the requests for ../tst/map2/... or map1 show up on .1,.2, or .3.
Is there something I'm missing?
Here is what I have so far.
acl all_requests dstdomain -n www.example.com origin-www.example.com
acl limited url_regex -i /tst/map1|/tst/map2
cache_peer 192.168.1.1 parent 80 0 no-query no-digest connect-fail-limit=10 weight=1 originserver round-robin
cache_peer_access 192.168.1.1 deny limited
cache_peer_access 192.168.1.1 allow all_requests
cache_peer_access 192.168.1.1 deny all
cache_peer 192.168.1.2 parent 80 0 no-query no-digest connect-fail-limit=10 weight=1 originserver round-robin
cache_peer_access 192.168.1.2 deny limited
cache_peer_access 192.168.1.2 allow all_requests
cache_peer_access 192.168.1.2 deny all
cache_peer 192.168.1.3 parent 80 0 no-query no-digest connect-fail-limit=10 weight=1 originserver round-robin
cache_peer_access 192.168.1.3 deny limited
cache_peer_access 192.168.1.3 allow all_requests
cache_peer_access 192.168.1.3 deny all
cache_peer 192.168.1.4 parent 80 0 no-query no-digest connect-fail-limit=10 weight=1 originserver round-robin
cache_peer_access 192.168.1.4 allow limited
cache_peer_access 192.168.1.4 deny all
cache_peer 192.168.1.5 parent 80 0 no-query no-digest connect-fail-limit=10 weight=1 originserver round-robin
cache_peer_access 192.168.1.5 allow limited
cache_peer_access 192.168.1.5 deny all
More information about the squid-users
mailing list