Below is the right config that I updated in my squid.conf file acl user1 note user username1 cache_peer Peer1 parent 3218 0 no-query connect-fail-limit=1 name=Peer1 cache_peer_access Peer1 allow user1 cache_peer_access Peer1 deny all
On Mon, Jul 6, 2020 at 9:28 PM Prem Chand <premchand...@gmail.com> wrote: > Hi Amos, > > On further digging I understood that acl route via cache_peer_access > (cache_peer_access Peer1 allow user1) is not working hence requests are > failing. I'm not sure the exact reason. Can you please suggest how to fix > this? > > acl user1 note user username1 > cache_peer Peer1 parent 3218 0 round-robin no-query weight=1 > connect-fail-limit=1 name=Peer1 > cache_peer_access Peer1 allow user1 > cache_peer_access deny all > > > On Mon, Jul 6, 2020 at 4:00 PM Prem Chand <premchand...@gmail.com> wrote: > >> Hi Amos, >> >> I tried the configuration that you suggested but I'm getting below error. >> It seems the requests are not getting forward to cache_peer. I'm unable to >> figure out what is the cause of the issue. If I revert it to my previous >> configuration I'm not seeing any issue with cache_peer's. >> >> ** Establish HTTP proxy tunnel to www.google.com:443 >> * Proxy auth using Basic with user 'username1' >> > CONNECT www.google.com:443 HTTP/1.1 >> > Host: www.google.com:443 >> > Proxy-Authorization: Basic bGluZTE6dGVzdGluZw== >> > User-Agent: curl/7.58.0 >> > Proxy-Connection: Keep-Alive >> > >> < HTTP/1.1 503 Service Unavailable >> < Server: squid/3.5.27 >> < Mime-Version: 1.0 >> < Date: Mon, 06 Jul 2020 10:24:28 GMT >> < Content-Type: text/html;charset=utf-8 >> < Content-Length: 3905 >> < X-Squid-Error: ERR_CANNOT_FORWARD 0 >> < Vary: Accept-Language >> < Content-Language: en >> < >> * Received HTTP code 503 from proxy after CONNECT >> * CONNECT phase completed! >> * Closing connection 0 >> curl: (56) Received HTTP code 503 from proxy after CONNECT >> >> On Thu, Jul 2, 2020 at 6:29 PM Prem Chand <premchand...@gmail.com> wrote: >> >>> Hi Amos, >>> >>> Thanks for the response. >>> >>> However, what do you want to happen when that user's dedicated peer is >>> unavailable? >>> Can it be routed to another peer if a dedicated peer is unavailable? >>> because each peer is accessed by a different username and password. If >>> there is an option to route then I will keep a backup peer(Peer4) so if any >>> one of the peers(Peer1,Peer2,Peer3) is unavailable it can route to the >>> backup peer and once the unavailable peer become available then traffic >>> should auto route to them from backup peer. >>> >>> If there is no option that fits as I explained above then I want to stop >>> all access for them. >>> >>> Are you wanting to keep this behaviour? >>> I don't want to use the round-robin behaviour. I want to route requests >>> to dedicated Peer/Client. >>> >>> On Thu, Jul 2, 2020 at 3:19 PM Prem Chand <premchand...@gmail.com> >>> wrote: >>> >>>> >>>> Hi, >>>> >>>> I need to redirect my clients requests to different Cache_peers using >>>> username and passwords through my proxy. Below is the rough sketch. Can >>>> someone suggest to me how I can achieve this? >>>> >>>> Client1(Username1:password1) ->Proxy:443 -> Cache_peer:3218 >>>> Client 2(Username2:password2)->Proxy:443-> Cache_peer:3219 >>>> . >>>> . >>>> . >>>> . >>>> >>>> This is my current configuration, I'm doing round robin through >>>> cache_peers when authenticated with a single username and password in >>>> /etc/squid/squidpasswdfile file >>>> >>>> auth_param basic program /usr/lib64/squid/ncsa_auth >>>> /etc/squid/squidpasswdfile >>>> auth_param basic realm proxy >>>> acl auth_users proxy_auth REQUIRED >>>> http_access allow auth_users >>>> http_access deny all >>>> cache_peer Peer1 parent 3218 0 round-robin no-query weight=1 >>>> connect-fail-limit=1 >>>> cache_peer Peer2 parent 3219 0 round-robin no-query weight=1 >>>> connect-fail-limit=1 >>>> cache_peer Peer3 parent 3219 0 round-robin no-query weight=1 >>>> connect-fail-limit=1 >>>> >>>> Thanks & Regards >>>> Premchand. >>>> >>> >>> >>> -- >>> prem >>> >> >> >> -- >> prem >> > > > -- > prem > -- prem
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
