Re: [squid-users] Squid as a non caching reverse proxy on Windows

Amos Jeffries wrote:
> Lyle wrote:
>> Hi All,
>> I've been having some trouble getting this setup. Initially I was
>> following a guide that didn't use a reverse proxy:-
>> http://news.ycombinator.com/item?id=612419
>> Which worked great locally, but not for any other computers. So I
>> figured it was missing a reverse proxy. I've managed to get Squid
>> installed and running on windows after following:-
>> http://www.ausgamers.com/features/read/2638752
>>
>> The issue is configuring it to act as a non caching reverse proxy, I
>> tried reading:-
>> http://www.visolve.com/squid/whitepapers/reverseproxy.php
>> But the internal DNS bits at the bottoms aren't clear and left me at
>> a loss.
>> I also read:-
>> http://wiki.squid-cache.org/SquidFaq/ReverseProxy
>> But found it difficult to follow.
>>
>> Here is what I'm trying to achieve:-
>>
>> I have one public IP, let's call it 100.100.100.100. In my local
>> network I have multiple machines. Two of them are 192.168.1.10 and
>> 192.168.1.20
>> On 192.168.1.10 I have Squid installed bound to 127.0.0.1:80 and both
>> IIS7 and Apache 2.2 on the same machine. Apache bound to 127.0.0.2:80
>> and IIS 127.0.0.3:80. 192.168.1.20 has Apache bound to port 80.
>>
>> Apache is serving test1.domain.com and IIS test2.domain.com, Apache
>> on 192.168.1.20 is serving test3.domain.com.
>> In my local etc/hosts file I've got:-
>> test1.domain.com 127.0.0.2
>> test2.domain.com 127.0.0.3
>> test3.domain.com 192.168.1.20
>> Which works great locally.
>>
>> domain.com is hosted on an external server. I've updated it's DNS
>> records with a new entry for test1 2 and 3 pointing to
>> 100.100.100.100. If I ping any of them it get 100.100.100.100
>>
>> All I need is the squid config to get the incoming requests and
>> forward to the correct local server based on domain name. But I just
>> can't seem to get my head around it, or find any straight forwards
>> guides online.
>>
>> Pls help :(
>
>
> Hi Lyle,
> That first tutorial seems to omit any info what its goal really is
> and has confused you terribly.
>
> Your Squid should _NOT_ be one of the apps listening on 127.0.0.*
>
> 127.0.0.* access is a private range only available to programs running
> on the same machine. When you have a public-facing Squid reverse proxy
> on the same machine for two web servers it makes sense to place the
> web servers on 127.*. But the Squid still has to be listening on
> 192.168.1.20 or 100.100.100.100.
>
>
> Setup your Squid like this to handle multiple virtual-hosted domains:
> http://wiki.squid-cache.org/ConfigExamples/Reverse/VirtualHosting
>
> and add these bits to it for handing multiple web servers:
> http://wiki.squid-cache.org/ConfigExamples/Reverse/MultipleWebservers
>
>
> Note that with dstdomain ACL and others Squid does not need to use DNS
> to figure out which web server each requests goes to. So hosts file is
> not used.
>
> The public-facing DNS should of course point all domains the three
> software service at the Squid listening IP so people can access them.
>
> Amos

Thanks Amos,
  I've followed those pages and managed to get it working :) The only
things I'll note for anyone else that finds this post are:-
* The order in which the conf appears is very important.
* To allow anyone in to view http from the internet:-
#http_access deny all
http_access allow all
* If people can't get in from the internet check your firewall and open
port 80

Lyle
Received on Sun Aug 23 2009 - 21:44:37 MDT