Although squid.conf has changed over the years and some adjustments have
been made, I am using, in essence, the same relatively simple squid.conf
file that I used in the mid-nineties. The last significant change was to
support load-balanced sibling servers. This wasn't a major change as it
was implemented primarily through JavaScript changes to proxy.pac.

To implement new policies foisted on us by the corporate ethics committee,
HR, and legal counsel, I need to force internal Squid servers to relay
requests to a Squid server at the corporate security perimeter.

On one of the internal Squid proxies, I created an ACL and the following
never_direct statement.

    acl GDAIS .gd-ais.com
    never_direct allow !GDAIS

While this seemed to work for web sites that weren't in the GD-AIS.COM
domain, I could no longer access content from any web servers that were in
the domain. In the cache.log, I found the following error message.

    Failed to select source for `http://...'

These were followed by state flags(?) for always_direct, never_direct, and
timeout. One question that I have is what are the meanings of the states?

    always_direct = -1 always_direct = 0
    never_direct = 1
    timeout = 1 timeout = 0

What is the interaction between 'cache_peer_domain' and 'never_direct'? I
had, apparently, implemented something similar to 'never_direct' years ago
using 'cache_peer_domain'. This defined which Squid proxy server should
be used to access content on our internal WAN and appears to create a
conflict with 'never_direct'.

Finally, do the rules for origin servers also apply to Squid proxies? The
error messages displayed in the browser seem to indicate that is the case.

Merton Campbell Crockett
Received on Mon Jul 19 2004 - 07:55:55 MDT