On Wed, 21 Jul 2004, Merton Campbell Crockett wrote:
Even with Duane Wessel's "Squid, The Definitive Guide" as a reference, it
is a daunting task to determine which of the configuration options will
provide the behaviour that you would like to see.
(1) I would like to have all requests for external (non-corporate)
web content forwarded to a Squid proxy at the security boundary.
This seems to be addressed adequately with the following.
acl CORP dstdomain .corp.com
never_direct allow !CORP
(2) I would like all requests for local content to be retrieved from
the local web server.
acl DIV dstdomain .div.corp.com
always_direct allow DIV
(3) The links to other divisions are being changed from dedicated
circuits to a dynamic VPN architecture. I would like to relay
requests to a Squid proxy at the division where the content is.
In the past, I have used cache_peer_domain for this.
(4) Before performing (1) or (3), I would like to determine if a local
Squid proxy already has a fresh copy of the requested content. It
doesn't seem desirable to be moving content repeatedly over a link
where the payload will be encrypted and fragmented.
Any suggestions on the "best" method of obtaining the desired behaviour?
Merton Campbell Crockett
-- BEGIN: vcard VERSION: 3.0 FN: Merton Campbell Crockett ORG: General Dynamics Advanced Information Systems; Intelligence and Exploitation Systems N: Crockett;Merton;Campbell EMAIL;TYPE=internet: mcc@CATO.GD-AIS.COM TEL;TYPE=work,voice,msg,pref: +1(805)497-5045 TEL;TYPE=work,fax: +1(805)497-5050 TEL;TYPE=cell,voice,msg: +1(805)377-6762 END: vcardReceived on Wed Jul 21 2004 - 08:26:09 MDT
This archive was generated by hypermail pre-2.1.9 : Sun Aug 01 2004 - 12:00:02 MDT