• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2080
  • Last Modified:

Cascading a proxy with another one.

I have my gateway proxy server with ip with port 8080(ACL, Site restriction given), running in Red Hat Linux 3.2.3-20. Now I am with  new proxy with ip port 9000 with OS version Red Hat Linux 3.2.3-20. The second proxy will be used for upcountry,
Now i need to cascade port 9000 with with port 8080.Also i am able to browse in te second proxy configuring as proxy server in mozila browser.
Kindly guide to configure in the squid for port 9000 .
  • 4
  • 3
1 Solution
> Now i need to cascade port 9000 with with port 8080

Do you need to configure to use 1.1 or vice versa?

Read squid.conf file and find a cache_peer option. I recommend you to enable ICP protocol for inter-cache communication. If you can't use it:
"To have a non-ICP neighbor
#                    specify '7' for the ICP port and make sure the
#                    neighbor machine has the UDP echo port
#                    enabled in its /etc/inetd.conf file.

On down most (I guess it's a 1.254) proxy use the following squid.conf options on it:

http_port 9000
cache_peer 8080 7 [default]

If it is 1.1, use :
http_port 8080
cache_peer 9000 7 [default]

Spice_TelecomAuthor Commented:
Thanks . I am a beginner and teh recomendations is not working . Herewith attcahing the model diagram and conf required.

You are using incorrect address/mask for internal network, 195.168.x.x is a legal Internet IP address space, so your clients can't access these IPs, you are warned.

1) HTTP port and HTTPS ports can't be the same:

http_port 9000
https_port 9000

fix your config like:
http_port 9000
https_port 9443

2) Not right:
cache_peer parent 8080 0 default no-query

change to:
cache_peer parent 8080 7 default no-query
#        icp_port:  Used for querying neighbor caches about
#                 objects.  To have a non-ICP neighbor
#                 specify '7' for the ICP port and make sure the
#                 neighbor machine has the UDP echo port
#                 enabled in its /etc/inetd.conf file.

Also open UDP port 7 (echo) on, uncomment:
#echo   dgram   udp     wait    root    internal
and restart inetd. Also open firewall rules for that port.

If you have some specific errors, please specify them also.
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

Spice_TelecomAuthor Commented:
HI ,
Thanks. Now i have changed my gateway proxy to The above steps have ben followed. Previously when i connected my clients it was giveing error as Acess denieed.

Now it is giving page cannot be displayed.

Hi, Spice_Telecom.

the same problem with config, http_port and https_port can't be the same!

Now you are using 9001:
http_port 9001
https_port 9001

but that's incorrect. Use http_port 9000 as in previous config and https_port 9001.

> Previously when i connected my clients it was giveing error as Acess denieed.

That's new info. So if you got Access denied, that's a problem  in ACL rules. Every user, that uses as a proxy server will be visible as parent proxy (because of cascading) and real IP address will be hidden, so Wite list and Black list on should consider that HTTP access will be from

Also tell me from what client are you trying to connect (IP address) and to what server?

Spice_TelecomAuthor Commented:
hi i am getting error as stated below

[root@SSP-VM squid]# /etc/init.d/squid reload
2008/07/16 20:01:35| squid.conf line 12: reply_body_max_size 0
2008/07/16 20:01:35| aclParseAccessLine: missing 'allow' or 'deny'.
squid: ERROR: No running copy
In a config you have sent in 1st post there is a line:

reply_body_max_size 0 allow all

Probably in most recent config you have no 'allow all', check it.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now