Requirements: There are multiple servers in the production environment, only one external network ip: 10.10.10.10, and the internal network ip is 192.168.2.10. The ip in the same local area network is 192.168.2.11, the server needs to be able to access the external network ip, at this time we can use a proxy server
solution:
1. Install squid on the server 192.168.2.10 with an external network ip
Prepare the yum command before, you can install it directly online
yum install squid
After the installation is complete, under cd /etc/squid/, modify the contents of the squid.conf file. Before modifying, you can back up the file:
cp squid.conf squid.conf_bak
Then find the http_access deny all in the file and modify it to http_access allow all to indicate that all users can access this proxy,
Also find http_port 3128 and change it to http_port 192.168.2.10:3128 The IP and port here are the proxy IP and port of squid,
This IP is the IP address of the machine that can access the external network. If it is a local machine, you can start the squid agent without modifying the address.
[root@localhost squid]# squid -k parse
[root@localhost squid]#
[root@localhost squid]#
[root@localhost squid]# squid -z
2014/07/22 14:43:01| Creating Swap Directories
[root@localhost squid]#
[root@localhost squid]#
[root@localhost squid]# service squid start
Starting squid: [ OK ]
[root@localhost squid]#
[root@localhost squid]#
[root@localhost squid]#
[root@localhost squid]# netstat -nltp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 4341/portmap
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 22862/(squid)
tcp 0 0 0.0.0.0:792 0.0.0.0:* LISTEN 4426/rpc.statd
2. Configure 192.168.2.11 machine proxy that cannot access the external network
Set up proxy machines that access the external network on other machines that need to access the external network
export http_proxy=http://192.168.2.10:3128
In this way, a machine that cannot access the external network can access the external network through a machine that can access the external network as a proxy, so as to facilitate the installation of some software, commands and other operations.
If you want to make the proxy server permanent, you can modify the /etc/profile file
vi /etc/profile
在后面添加如下内容:
export https_proxy=http://192.168.2.10:3128
export http_proxy=http://192.168.2.10:3128
export ftp_proxy=http://192.168.2.10:3128
添加完成后保存退出,执行以下命令即可生效。
source /etc/profile