Hello all,
I am trying to get squids running on several machines on our LAN to work
together to help lower the load on our web servers.
On each machine, I have a webserver running on port 80 and a squid on port
8080. squid is in httpd accel mode and works fine. Now I want the squids
peered so they fetch the objects from each other, and want each cachable
object stored on one server only, because the servers dont have much local
disk space and because the traffic is load balanced on all servers.
What I notice happening is that the squids do send ICP queries to each
other but they allways end up fetching the objects from their own cache, or
the origin server. never from another cache. I am trying to get multicast
to work, but I see the eaxt same behavior with unicst icp config.
Any hints hilghely appriciated. I am using squid-2.5.STABLE7 on fedora core
1.
Here is my full config:
(#:~)- cat /usr/local/squid/etc/squid.conf
debug_options ALL,2
cache_effective_user squid
http_port 8080
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_dir aufs /export/squid 9000 16 256
#emulate_httpd_log on
log_icp_queries on
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl peers src 10.0.20.0/255.255.255.0
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow all
http_reply_access allow all
icp_access allow peers
icp_port 3130
httpd_accel_host 10.0.10.26
httpd_accel_port 80
httpd_accel_single_host on
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
coredump_dir /export/squid
digest_generation on
digest_rebuild_period 500 seconds
#icp_hit_stale on
#htcp_port 4827
cache_peer 224.9.9.9 multicast 8080 3130 ttl=1
cache_peer 10.0.20.27 sibling 8080 3130 proxy-only multicast-responder
cache_peer 10.0.20.28 sibling 8080 3130 proxy-only multicast-responder
cache_peer 10.0.20.29 sibling 8080 3130 proxy-only multicast-responder
mcast_groups 224.9.9.9
Received on Fri Dec 10 2004 - 07:29:18 MST
This archive was generated by hypermail pre-2.1.9 : Sat Jan 01 2005 - 12:00:02 MST