We help IT Professionals succeed at work.
Get Started

Using Squid to route requests for a specific sites to another proxy

za_mkh
za_mkh asked
on
2,496 Views
Last Modified: 2013-12-23
Hi,

We using a Smoothwall Squid proxy. Which is working fine! We have some access rules configured where requests for specific intranet domains are sent to another upstream squid proxy for resolution etc. This worked well for the last three years. However, we now have a request that some specific intranet websites now need to be sent to another proxy for resolution, and this is where I am having issues!  The problem is that regardless of what I do, all requests go to the primary server.

Listed below is information on the upstream proxies:

Upstream Proxy 1 is 10.10.10.10
Upstream Proxy 2 is 11.11.11.11

I have the appropriate acls setup on the local SQUID proxy. They are listed in the code window below.

As you can see the "specific sites" are subsets of the .net.local domain and hence Squid is therefore sending the requests the primary server. If I remove .net.local from the allsites.acl file, then it gets routed to the second proxy. But then, all other .net.local sites requests cause the local SQUID proxy to connect directly to intranet site in question instead of sending it to the upstream proxy.

So I still need all other .net.local sites to go via proxy 1.

Does anybody have an idea on how I can achieve that so that only the specific sites go to proxy 2?

I have tried the urldom_regex option but I get the same results.
#allsites upstream proxy
cache_peer 10.10.10.10 parent 8080 0 default no-query login=PASS connect-timeout=30 originserver connection-auth=auto http11
acl allsites dstdom_regex "/var/smoothwall/proxy/advanced/acls/allsites.acl"
never_direct allow allsites.acl
cache_peer_access 10.10.10.10 allow allsites

#specific sites upstream proxy
cache_peer 11.11.11.11 parent 8080 0 no-query login=PASS connect-timeout=30 originserver connection-auth=auto http11
acl allsites dstdom_regex "/var/smoothwall/proxy/advanced/acls/specificsites.acl"
never_direct allow specificsites.acl
cache_peer_access 11.11.11.11 allow specificsites

listing of the allsites.acl file
.net.local
.com
.co.uk

listing of the specificsites.acl file
site.net.local
site4.net.local

Open in new window

Comment
Watch Question
Top Expert 2005
Commented:
This problem has been solved!
Unlock 1 Answer and 5 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE