heart beet between squid peers

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

heart beet between squid peers

salil GK
Hi

   I am trying to build a solution with squid proxy chaining. I have a proxy chaining through a tunnel. Every thing works fine !! But in my framework I need to know whether the connectivity is through from squid child to squid parent. What is the best way to know - is there any API or utility that I can use to find it out ? I need to know in both machines that the squid channel is active. Any help in this regard would be appreciated.

Thanks
~S

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: heart beet between squid peers

reinerotto
I have seen error messages in cache.log, in case conn to upstream peer (parent proxy) was broken. However, dunno, how to do it downstream.
Reply | Threaded
Open this post in threaded view
|

Re: heart beet between squid peers

salil GK
Thanks reinerotto ..

But log file parsing to understand the state would be the last thing I would like to do !!!!  

It would be really great if some utility that will tell me if the heartbeat is exchanged successfully !! or may be some result file where I can check how the health !!!

Thanks
~S

On 1 February 2017 at 19:21, reinerotto <[hidden email]> wrote:
I have seen error messages in cache.log, in case conn to upstream peer
(parent proxy) was broken. However, dunno, how to do it downstream.




--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/heart-beet-between-squid-peers-tp4681408p4681409.html
Sent from the Squid - Users mailing list archive at Nabble.com.
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users


_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: heart beet between squid peers

Eliezer Croitoru
In reply to this post by salil GK
Hey,

You can use the cache manage interface for this.
Take a peek at:
http://wiki.squid-cache.org/Features/CacheManager#Cache_manager_Access_Control_in_squid.conf

Technically you can run something like:
http_proxy=http:///127.0.0.1:3128/ curl -X POST  http://cache-peer:3128/squid-internal-mgr/info

And see if you get and access denied.
If so then it means that your request was answered from the cache_peer.
If you need some help with it let me know.

Eliezer

----
http://ngtech.co.il/lmgtfy/
Linux System Administrator
Mobile: +972-5-28704261
Email: [hidden email]


From: squid-users [mailto:[hidden email]] On Behalf Of salil GK
Sent: Wednesday, February 1, 2017 9:06 AM
To: [hidden email]
Subject: [squid-users] heart beet between squid peers

Hi

   I am trying to build a solution with squid proxy chaining. I have a proxy chaining through a tunnel. Every thing works fine !! But in my framework I need to know whether the connectivity is through from squid child to squid parent. What is the best way to know - is there any API or utility that I can use to find it out ? I need to know in both machines that the squid channel is active. Any help in this regard would be appreciated.

Thanks
~S

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: heart beet between squid peers

Alex Rousskov
In reply to this post by salil GK
On 02/01/2017 12:06 AM, salil GK wrote:
> I need to know whether the connectivity is through from squid
> child to squid parent.
...

> I need to know in both machines that the squid channel is active.
...

> if the heartbeat is exchanged successfully !!

It is not clear what you mean by "connectivity is through", "channel is
active", and "heartbeat is exchanged". You may want to describe what you
need in higher-level terms specific to your problem domain.

Please note that Squid peers do not normally exchange HTTP messages
unless there is a client request to be forwarded. There are various
optional features (e.g., cache_peer standby=N) that may create peer
traffic in the absence of requests, but it is not yet clear whether any
of those features are applicable to your use case.


If you just want to know whether there is at least one TCP connection
between two Squid instances, then you can use netstat or a similar tool
to find all connections to/from relevant addresses (and their state).

If you want to monitor the current peer state, I believe there is a
cache manager page for that, but that will only give you information
about one Squid's opinion, not both.

Alex.

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: heart beet between squid peers

salil GK
Hello Alex

   Thanks for the reply
   
     what happens is - we provide an interface for the admin to set whether forward proxy is enabled or not - and also specify which all peers need to be involved in the squid chaining ( parent child ). If I have say 4 machines - A,B,C and D. Admin can decide machine A and B are the child  and machine C and D as parents. Both A and B can use C and D as parents - for load balancing and redundancy. 

A -> parent -> C
A -> parent -> D
B -> parent -> C
B -> parent -> D

In the UI interface admin will specify this. When it is done, in the back end I will create a tunnel and reconfigure squid config file and start squid. Now in the UI I need to specify whether every thing is perfect and A and B can talk to C and D seamlessly - or the traffic is perfect or not. Only if the traffic between squid A and squid C and squid D are perfect, I should mention that it is ACTIVE. For this I thought if have some mechanism in both sides to do ping kind of functionality, it would be good.

What I found is squid client can be used for ping to other end. In the A server I can use tunnel as the ping destination and C server I can directly ping A. If this is through I guess set the channel as ACTIVE.  another option is as Eliezer mentioned, I can use simple curl to verify this connectivity

Thanks and regards
~S



On 3 February 2017 at 03:26, Alex Rousskov <[hidden email]> wrote:
On 02/01/2017 12:06 AM, salil GK wrote:
> I need to know whether the connectivity is through from squid
> child to squid parent.
...

> I need to know in both machines that the squid channel is active.
...

> if the heartbeat is exchanged successfully !!

It is not clear what you mean by "connectivity is through", "channel is
active", and "heartbeat is exchanged". You may want to describe what you
need in higher-level terms specific to your problem domain.

Please note that Squid peers do not normally exchange HTTP messages
unless there is a client request to be forwarded. There are various
optional features (e.g., cache_peer standby=N) that may create peer
traffic in the absence of requests, but it is not yet clear whether any
of those features are applicable to your use case.


If you just want to know whether there is at least one TCP connection
between two Squid instances, then you can use netstat or a similar tool
to find all connections to/from relevant addresses (and their state).

If you want to monitor the current peer state, I believe there is a
cache manager page for that, but that will only give you information
about one Squid's opinion, not both.

Alex.



_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: heart beet between squid peers

Alex Rousskov
On 02/02/2017 04:43 PM, salil GK wrote:

> we provide an interface for the admin to set
> whether forward proxy is enabled or not - and also specify which all
> peers need to be involved in the squid chaining ( parent child ). If I
> have say 4 machines - A,B,C and D. Admin can decide machine A and B are
> the child  and machine C and D as parents. Both A and B can use C and D
> as parents - for load balancing and redundancy.
>
> A -> parent -> C
> A -> parent -> D
> B -> parent -> C
> B -> parent -> D
>
> In the UI interface admin will specify this. When it is done, in the
> back end I will create a tunnel and reconfigure squid config file and
> start squid. Now in the UI I need to specify whether every thing is
> perfect and A and B can talk to C and D seamlessly - or the traffic is
> perfect or not. Only if the traffic between squid A and squid C and
> squid D are perfect, I should mention that it is ACTIVE. For this I
> thought if have some mechanism in both sides to do ping kind of
> functionality, it would be good.

Thank you for detailing your problem!

Others on this list should be able to offer much better solutions, but
if you do not hear any, then I would use curl or wget(**) to send HTTP
requests to each child and have special rules in child squid.confs to
route those requests to the specified-in-the-request parent (probably by
matching a custom HTTP header). Your script can the analyze the Via
headers in each successful response to confirm that the transaction went
to the right parent.

Given your example above, four requests would be sufficient to confirm
connectivity. Please note that those requests cannot confirm whether A
is also _not_ using B as a parent and C is not using D as a parent (for
example). To prove all those "negatives", you will need a few more
requests (and possibly slightly fancier routing rules in squid.conf).

You may be able to send HTTP TRACE requests with Max-Forwards:1 header
if your Squids support that. That way, you will be testing the
connectivity between Squids without being dependent on the outside
connectivity and can analyze forwarded request headers as well, but this
is optional.


Needless to say, you can run a similar script/analysis every T minutes
if you wish to monitor connectivity continuously, after everything has
been configured. However, at runtime, your focus should be on monitoring
for errors, response times, hit ratios, and other measurements that may
reveal Squid problems.


FWIW, "pinging" in the reverse direction (e.g., from C to A) does not
make sense to me and should not be necessary to confirm connectivity
that normal requests will use.


HTH,

Alex.
(**) You may use squidclient as well but I do not recommend that because
it lacks polish and some advanced features that you may eventually find
useful.

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users