Join Log in
Score:0
tbhaxor avatar Server

Serving squid proxy behind HTTP load balancer

bn flag
tbhaxor

I want to build a system where we have 3 squid proxies server running behind load balancer. Currently squid proxy is running on http port, (help for https_port is also appreciated)

dns_v4_first on
acl loadbalancer src 174.138.123.136/32  

# allow only https ports
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 443         # https

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager

include /etc/squid/conf.d/*.conf
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm proxy

acl authenticated proxy_auth REQUIRED

http_access allow localhost
http_access allow authenticated
http_access deny all
http_port 8080
coredump_dir /var/spool/squid

When I provide the target url in https it is working, otherwise its giving error from loadbalancer ip.

curl -x http://user:pass@lb_ip:8080 https://ifconfig.me  # works
curl -x http://user:pass@lb_ip:8080 http://ifconfig.me   # does not work

The error in second case is

<h1>ERROR</h1>
<h2>The requested URL could not be retrieved</h2>
</div>
<hr>

<div id="content">
<p>The following error was encountered while trying to retrieve the URL: <a href="/">/</a></p>

When I tried appending /test path in the example. It is confirmed that origin is getting stripped when using http://

curl -sx http://user:pass@lb_ip:8080 http://ifconfig.me/test | grep /test

<p>The following error was encountered while trying to retrieve the URL: <a href="/test">/test</a></p>

But direct usage works in both case

curl -x http://user:pass@direct_ip:8080 https://ifconfig.me  # works
curl -x http://user:pass@direct_ip:8080 http://ifconfig.me   # works
40
0 + 2
jp flag
AlexD
Most likely your load balancer can't work as a HTTP proxy and strips full URL from HTTP requests, but you didn't provide any information about what kind of load balancer you are using.
0
Reply
tbhaxor avatar
bn flag
tbhaxor
I am using HTTP load balancer from [DO](https://docs.digitalocean.com/products/networking/load-balancers/)
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.