[squid-users] Squid 2.5STABLE3 Questions

Background: I am working on project involving groups of network enclaves.
The network enclaves are interconnected using IPSec VPN tunnels between the
network servers that control access to and from the enclave. Within each
group there will be one network server that is designated a network gateway
and will provide access to the Internet.

The intent is to use Squid in the classic Harvest Project sense to reduce
the volume of traffic flowing accross the IPSec VPN tunnels and to minimize
the latency introduced by IPSec VPN encryption. Squid 2.5STABLE3 has been
downloaded and installed as I will need to add intercept proxying and wanted
to do this with a recent release of Squid.

Question: Is there any good documentation on the interaction between the
cache_peer, cache_peer_domain, neighbor_type_domain, always_direct, and
never_direct configuration directives. There seems to have been significant
changes in this area from earlier versions of Squid and that it is now more
difficult to construct a viable Squid hierarchy.

In preliminary testing, I've had a cache_peer defined as a parent return an
error status rather than the requested content. This behaviour presents a
major problem for interior network enclaves that can never directly access
external web content.

Constructing Squid hierarchies seems to have become more of an art form than
it was in the past. Can someone provide pointers to Squid documentation on
constructing hierarchies with Squid 2.5STABLE3 or provide examples of Squid
configurations for systems that never have direct access to Internet web
content?

Merton Campbell Crockett

-- 
BEGIN:				vcard
VERSION:			3.0
FN:				Merton Campbell Crockett
ORG:				General Dynamics Advanced Information Systems;
				Intelligence and Exploitation Systems
N:				Crockett;Merton;Campbell
EMAIL;TYPE=internet:		mcc@CATO.GD-AIS.COM
TEL;TYPE=work,voice,msg,pref:	+1(805)497-5045
TEL;TYPE=fax,work:		+1(805)497-5050
TEL;TYPE=cell,voice,msg:	+1(805)377-6762
END:				vcard