Re: Upstream caches ACL policies and affects on downstream caches.

From: Duane Wessels <wessels@dont-contact.us>
Date: Thu, 05 Dec 96 15:23:17 -0800

A.Leahy@st.nepean.uws.edu.au writes:

>I've noticed this mainly on a bunch of ftp sites, my thinking is that the
>SU cache is ACL throttling either "ftp" generally or some ftp sites. This
>causes our 'downstream' caches some traumas if we hit on their cache! ie.
>[Access Denied messages].
>
>So it ends up that, upstream caching/proxy policies ARE affecting our
>users! (okay - they CAN hit reload on their browsers and force a refresh -
>but it still isn't very friendly).
>
>Maybe, one solution would be for Squid to consult it's "acl's" when
>responding to object requests from peer caches. For example, when the
>Nepean cache polls SU for a "ftp" object the SU cache should either return
>MISS or a status like "bugger off you can't get that from here". This
>gives the Nepean cache the chance to try other caches in the peer group or
>go get it direct.

It should be able to do that already. All that needs to happen is for
the SU cache to make its 'icp_access' list the same as its
'http_access' list.

Otherwise, if we assume they have done exactly that, then this might also
be explained if:
        SU is your neighbor
        SU is running a pre-1.1.beta24 (?) squid which too eagerly sends
           UDP_HIT replies.
        SU is using 'miss_access' rules also.

Duane W.
Received on Thu Dec 05 1996 - 15:32:09 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:49 MST