Thursday, October 26, 2006

Different log for each domain

With Squid 2.6 in a reverse proxy configuration serving several domains, it's possible to write log messages to separate files per cache_peer_domain.

Example with two peer domains.
www.abc.com
www.xyz.com

---squid.conf----
acl abc dstdomain www.abc.com
acl xyz dstdomain www.xyz.com

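# Log www.xyz.com requests to their own file, then stop so they do not also reach the general log
access_log /path/to/xyz.log squid xyz
access_log none xyz
# Same for www.abc.com
access_log /path/to/abc.log squid abc
access_log none abc
# Everything else goes to the general log
access_log /path/to/access.log squid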
---squid.conf end---

Monday, October 23, 2006

HTTP1.0 / HTTP1.1

Squid is an HTTP/1.0 proxy. But all HTTP/1.1 clients and servers MUST interoperate with HTTP/1.0 to be compliant.

The main difference this brings to the protocol (apart from the version number) is that applications or servers can't use Transfer-Encoding. The rest of HTTP/1.1 is supported fine over HTTP/1.0.

Transfer-Encoding tells the receiver what encoding has been performed on the message in order for it to be safely transported.
All transfer-encoding values are case-insensitive. HTTP/1.1 uses transfer-encoding values in the TE header field and in the Transfer-Encoding header field. The latest HTTP specification defines only one transfer encoding, chunked encoding.

Friday, October 13, 2006

Relay server for SSL connections

If you have overloaded web servers, you can take the SSL load off them by putting a relay proxy for SSL connections in front of them. This proxy accepts HTTPS connections and translates them into HTTP requests to another server. The hop between the proxy and that server is then plain HTTP, so keep it on a trusted network.

This can be achieved with the https_port directive, setting up Squid as an HTTPS accelerator for the HTTP server.

Example configuration:
https_port 443 cert=/path/to/sslcert.pem defaultsite=your.site.name
cache_peer ip.of.apache parent 80 0 no-query originserver

Redirector in a reverse proxy scenario

A common technique in a reverse proxy scenario where virtual hostnames are distributed across several internal servers is to use a redirector. But with the new Squid 2.6 there is a better way to achieve this.
You can forward the requests with:
cache_peer + cache_peer_access + never_direct

This is the recommended method if the other server is supposed to act exactly like the real web site, including its name.
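
The three directives combined in one squid.conf, as an added example that is not part of the original post. It reuses the www.abc.com and www.xyz.com hostnames from the logging post; the backend addresses (192.0.2.x) and the peer names abc_backend and xyz_backend are assumed placeholders.

```conf
# Accelerator port; vhost picks the site from the Host header.
http_port 80 accel vhost defaultsite=www.abc.com

# One internal origin server per published hostname (placeholder addresses).
cache_peer 192.0.2.10 parent 80 0 no-query originserver name=abc_backend
cache_peer 192.0.2.20 parent 80 0 no-query originserver name=xyz_backend

acl abc dstdomain www.abc.com
acl xyz dstdomain www.xyz.com

# Each hostname may only be forwarded to its own backend.
cache_peer_access abc_backend allow abc
cache_peer_access abc_backend deny all
cache_peer_access xyz_backend allow xyz
cache_peer_access xyz_backend deny all

# Serve only the published sites, so the proxy cannot be used to reach other hosts.
http_access allow abc
http_access allow xyz
http_access deny all

# Never fetch directly from the address a hostname resolves to; always use a peer.
never_direct allow all
```

The deny all lines after each allow keep a request with an unexpected Host header from being forwarded to any backend.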

2GB access.log

"FATAL: logfileWrite: /var/log/squid/access.log: (11) Resource temporarily unavailable"

A quite common cause of this message is the access.log reaching the magic 2GB barrier of 32-bit applications.

A common solution is to compile Squid with large file support.

From the configure script:

--with-large-files          Enable support for large files (logs etc).
--enable-large-cache-files  Enable support for large cache files (>2GB).
                            WARNING: on-disk cache format is changed by this option

Monday, October 02, 2006

Use the no_cache directive correctly

If you don't want to cache certain objects, the best directive to use is the no_cache directive:

acl QUERY urlpath_regex cgi-bin \? \.asp$ \.php$
no_cache deny QUERY


The refresh_pattern directive only applies on pages where there is no explicit expiry information set by the origin server.