Squid implements reverse proxy

Squid reverse proxy working principle when a user's browser sends an HTTP request, the request is directed to the reverse proxy server through domain name resolution (if you want to implement reverse proxy for multiple WEB servers, you need to direct the domain names of multiple WEB servers to the reverse proxy server ). Requests are sent by the reverse proxy server processor. Reverse Proxy generally only caches buffered data (such as html webpages and images), but some CGI script programs or ASP programs do not cache. It caches static pages based on the HTTP header flag returned from the WEB server. Www.2cto.com uses Squid to configure the reverse proxy (HTTP accelerator). configuring the reverse proxy through squid is mainly to configure the configuration file "squid. conf. The following describes the Linux operating system as an example. Other versions are also applicable to UNIX. In Linux, if squid is installed as source code, this file is generally in the "/usr/local/squid/etc/" directory. If it is a built-in squid, the configuration file is usually in the "/etc/squid/" directory. Www.2cto.com 1. Squid reverse proxy for a single backend WEB server if the WEB server and reverse proxy server are two separate machines (generally, the reverse proxy should have two NICs connected to the internal and external networks respectively ). Modify the following content to set the reverse proxy service. Http_port 80 # The squid listening port httpd_accel_host 172.16.250.250 # the IP address of the internal WEB server httpd_accel_port 80 # the IP address of the WEB server depends on # forward the request as a buffer to a separate machine httpd_accel_with_proxy if the WEB server and reverse proxy server are the same machine. Therefore, the WEB server listening port should be set to a non-80 port (for example, port 81 ). The content to be modified is as follows: http_port 80 # The port listened by squid: httpd_accel_host localhost # the IP address of the internal WEB server: httpd_accel_port 81 # the IP address of the WEB server on # Forward the cached request to a separate machine: httpd_accel_with_proxy on the following describes the configuration commands. Www.2cto.com http_port 80 option http_port specifies the port where squid listens for HTTP requests. Generally, it is set to port 80, so that the user does not feel the existence of reverse proxy, just like accessing the Real WEB server. Httpd_accel_host 172.16.250.250 and httpd_accel_port 80 specify the IP address and port number of the WEB server based on the actual situation of your WEB server. When the httpd_accel_single_host option httpd_accel_single_host is on, squid is set to reverse proxy only for a single web server. Without considering the HTTP header information, Squid forwards all unbuffered page requests to this web server. If squid requires multiple reverse proxies for web servers, you must set this option to off and map requests to the appropriate backend WEB server using steering gear or DNS. Httpd_accel_with_proxy on if you want the squid to act as both the reverse proxy server and the Internet proxy for the local machine, you need to change httpd_accel_with_proxy to on. By default, offhttpd_accel_uses_host_header off is in HTTP 1.1, an HTTP request includes a Host Header, specifying the Host Name of the URL or the IP address of the host. This option can be used to complete the reverse proxy function of multiple backend WEB servers. 2. Squid reverse proxy multiple backend WEB servers we can use Squid to reverse proxy multiple backend WEB servers. For example, we can configure squid and reverse proxy www.abc.com, www.xyz.com, and www.kutea.net three backend WEB servers. Squid is configured as follows: httpd_accel_host virtualhttpd_accel_port 80httpd_accel_single_host offhttpd_accel_uses_host_header on (Note: Internal DNS option must be activated when Squid is compiled) set the domain name resolution required by the response proxy (the Internet user resolves the domain names of the three websites here) as follows: www.2cto.com www.abc.com 202.102.240.74www.xyz.com 202.102.240.74www.kutea.net 202.102.240.74 so that all three domain names direct to the IP address of the reverse proxy server 202.102.240.74. The following sets the DNS entry information required by the reverse proxy (that is, setting the internal DNS is only used internally by squid, which is invisible to Internet users ). There are two ways to set up internal DNS, use the internal DNS server for resolution or use the/etc/hosts file for implementation. The Resource Record of the internal DNS server is as follows: www.abc.com in a 172.16.1.2www.xyz.com in a 172.16.1.3www.kutea.net in a 172.16.1.4 if you use the/etc/hosts file to implement internal DNS (the disable internal dns option is ), edit the/etc/hosts file and add the following entry: 172.16.1.2 www. abc. com172.16.1.3 www. xyz. com172.16.1.4 www.kutea.net