>gordon@drogon.net wrote:
>
>>someone close to us netwise wants to neighbour with us,
>> but is there a way I can stop them using us as a parent?
We are part of a regional network, it makes sense for us to peer
with the other members. But like gordon we don't want to be used as
a parent from outside our domain.
My expectation of peer behaviour is that only if the request is in the cache
is it is answered, there is no way for a peer to force a fetch.
Am I right? If so it is OK to allow friends access to the peer port.
icp_access deny !friend1 !friend2
On the parent port we have these access-lists (acl)s:
acl from-inside src <our class c net/255.255.0.0>
acl for-us domain <our domain name>
http_access allow from_inside
http_access deny !for_us
Now our cache runs as a parent for internal hosts and as an accelerator
for outsiders visiting our servers.
The idea behind this is to throw the bucks at the squid (big machine, fast
network) and let a relatively small machine sit behind it running the
httpd.
Soon all local info is cached and only needs to be replaced as it changes.
Duane, you thought there was some work to be done
before peers could be controlled, am I missing something?
michaelj
______________________________________________________________________
Michael James michael.james@canberra.edu.au
IT Development and Integration, University of Canberra, Australia
Lets face it: even if we had complete leisure and infinite money
We would never find anything as interesting as the internet to work on
______________________________________________________________________
Received on Tue Sep 10 1996 - 22:07:38 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:32:59 MST