Squid reverse proxy Several background web implementation instructions

1. Squid reverse proxy single background Web server

A, if the Web server and the reverse proxy server are two separate machines (the general reverse proxy should have two network cards are connected to the internal and external network respectively). Then, you should modify the following to set up the reverse proxy service.

Http_port # Squid listening on the port

Httpd_accel_host 192.168.0.100 # The IP address of the internal Web server

Httpd_accel_port # The IP address of the Web server

Httpd_accel_single_host on # Forwarding for buffered requests to a separate machine

Httpd_accel_with_proxy on #

Httpd_accel_uses_host_header off

B, if the Web server and the reverse proxy server are the same machine. Then, the Web server's listening port should be set to a non-80 port (for example, 81 port). The contents to be modified are as follows:

Http_port # Squid listening on the port

Httpd_accel_host localhost # The IP address of the internal Web server

Httpd_accel_port Bayi # The IP address of the Web server

Httpd_accel_single_host on # Forwarding for buffered requests to a separate machine

Httpd_accel_with_proxy on #

Httpd_accel_uses_host_header off

The following explains the configuration directives:

Http_port 80

Option Http_port Specifies that squid listens for HTTP requests on ports that are typically set to 80 ports, so that the user does not feel the presence of a reverse proxy, as it does to access a real Web server.

Httpd_accel_host 192.168.0.100 and Httpd_accel_port 80

Options Httpd_accel_host and Httpd_accel_port specify the IP address and port number of the Web server, depending on the actual situation of your Web server.

Httpd_accel_single_host on

When option Httpd_accel_single_host is on, squid is set to reverse proxy only for a single Web server. Regardless of HTTP header information, Squid forwards all requests for buffered pages to this Web server. If squid needs to do multiple Web server reverse proxies, you must set this option to off and use the redirector or DNS to map requests to the appropriate backend Web server.

Httpd_accel_with_proxy on

If you want squid to be both a reverse proxy server and an Internet agent for the local machine, you need to change httpd_accel_with_proxy to on, by default, off

Httpd_accel_uses_host_header off

In HTTP protocol 1.1, an HTTP request includes a host header information, a hostname that specifies the URL, or the IP address of the host. This option can be used to complete the reverse proxy function of multiple backend Web servers.

2. Squid reverse proxy multiple backend Web servers

We can use squid to reverse proxy multiple backend Web servers. For example: We can configure squid to reverse proxy www.xxx.com www.yyy.com www.zzz.com three backend Web servers.

Squid is configured as follows:

Httpd_accel_host Virtual

Httpd_accel_port 80

Httpd_accel_single_host off

Httpd_accel_uses_host_header on

Note: You need to activate the internal DNS option when compiling squid

--disable-internal-dns

A more complete compilation configuration is as follows:

./configure--prefix=/usr/local/squid--enable-dlmalloc--with-pthreads--enable-poll--disable-internal-dns- Enable-stacktrace--enable-removal-policies= "Heap,lru"--enable-delay-pools--enable-storeio= "Aufs,coss,diskd,ufs" "

Then set up the response agent required domain resolution (add hosts) as follows:

Www.xxx.com 111.222.333.444

Www.yyy.com 111.222.333.444

Www.zzz.com 111.222.333.444

Causes three domain names to point to the reverse proxy server IP address 111.222.333.444.

The following sets the DNS portal information required by the reverse proxy (that is, set up internal DNS, only squid is used internally and not visible to Internet users). There are two ways to set up internal DNS, using internal DNS servers to resolve or use the/etc/hosts file for implementation.

The resource records for using internal DNS servers are as follows:

Www.xxx.com in A 192.168.0.101

Www.yyy.com in A 192.168.0.102

Www.zzz.com in A 192.168.0.103

If you use the/etc/hosts file to implement internal DNS (you should use the Disable internal DNS option at compile time), edit the/etc/hosts file to add the following entry:

192.168.0.101 www.xxx.com

192.168.0.102 www.yyy.com

192.168.0.103 www.zzz.com