Time for action – forwarding requests to cache peers using ACLs
Let's say we have three parent proxy servers (p1.exmaple.com, p2.example.com, and p3.example.com). The proxy server p3.example.com is connected to the internet with a highly reliable, but expensive connection, with a fair usage policy. The proxy servers p1 and p2 are cheaper but unreliable. Also, we have three subnets (academic, research, and finance) on our local area network, according to the following diagram:
Now, let's have a look at the following configuration:
cache_peer p1.example.com parent 3128 3130 round-robin cache_peer p2.example.com parent 3128 3130 round-robin cache_peer p3.example.com parent 8080 3130 acl academic src 192.0.2.0/16 acl finance src 198.51.100.0/16 acl research src 203.0.13.0/16 acl imp_domains dstdomain .corporate.example.com .edu acl ftp proto FTP cache_peer_access p3.example.com deny ftp cache_peer_access p3.example.com allow research cache_peer_access p3.exmaple.com allow academic imp_domains...
