Re: [squid-users] http and https redirection

From: Henrik Nordstrom <[email protected]>
Date: Fri, 1 Apr 2005 11:31:46 +0200 (CEST)

On Fri, 1 Apr 2005 wlagmay@yanbulink.net wrote:

> acl SSL method CONNECT
> never_direct allow SSL
> cache_peer proxy.ISP.net parent 8080 0 default
> cache_peer ssl-proxy.ISP.net parent 8080 0 default
> cache_peer_access proxy.ISP.net allow !SSL

For completeness you should also add

cache_peer_access ssl-proxy.ISP.net allow SSL

> My questions: If the request is http then there is no doubt that Im using the
> proxy.ISP.net, what if the request is https does my configuration will
> automatically forward it to ssl-proxy.ISP.net?

cache_peer_access is a filter per peer, defining what kind of requests may
be sent to this peer. If you have not set a cache_peer_access filter for a
specific peer then this peer is a candidate for all requests.

After this comes Squids normal peer selection algorithms, selecting which
of the available peer candidates the requests should be forwarded to.

The peer selection algorithms in rought order of preference:

    - Digest
    - ICP/HTCP
    - Direct if never_direct deny (default) and prefer_direct on.
    - default (1)
    - round-robin (1)
    - first available (1)
    - Direct if never_direct deny (default) and prefer_direct off.
    - any if never_direct allow

1: Only one peer of these is selected.

If there is a problem Squid automatically falls back on the next.

Regards
Henrik
Received on Fri Apr 01 2005 - 02:31:55 MST

This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:03 MDT