Re: [squid-users] LVS & Reverse Proxy Squid

On Sep 19, 2007, at 12:00 AM, Ding Deng wrote:

> "Brad Taylor" <btaylor@Autotask.com> writes:
>
>> We use LVS (load balancer) to send traffic to multiple Squid 2.5
>> servers in reverse proxy mode. We want to put multiple Squid
>> instances
>> on one box and have successful done that by changing: http_port 80 to
>> http_port 192.168.60.7:80 in the squid.conf file. We tested to that
>
> Squid is listening only on a private address now, what will the source
> address of response from Squid be?

LVS NAT's outbound responses, as long as the response to a client
request goes from the cache through the load balancer, it'll be NATed
fine.

>> instance of squid and worked successfully. Once it is added to the
>> LVS
>> load balancer the site no longer works. I'll check with the LVS group
>> also.
>
> You need as many public addresses as number of Squid instances you'd
> like to run in a single box, and configure each instance to listen
> on a
> different public address, e.g.:

This is untrue in an LVS environment, though true if the Squids are
bare on the network. In the case where you're load balancing with
LVS, the simplest way to achieve this is to have each squid instance
simply listen on a unique port. Instance A on port 80, Instance B on
port 81, etc. The set up the LVS VIPs and RIPs to direct traffic
appropriately.

VIP A: 1.1.1.1:80
RIP A: 2.2.2.2:80
RIP A: 2.2.2.3:80

VIP B: 1.1.1.2:80
RIP B: 2.2.2.2:81
RIP B: 2.2.2.3:81

Etc. This assumes you're using LVS NAT routing, for DR and TUN
there's some details that are slightly different, but the basic
concept is the same. I'll be more than happy to answer Brad's
specific questions about the LVS/Squid relationship in more depth off
list if he wants, since this is really less a Squid question and more
a "How do I make LVS and Squid play well together?" question.

--Dave
Systems Administrator
Zope Corp.
540-361-1722
david@zope.com
Received on Tue Sep 18 2007 - 22:57:11 MDT