Re: [squid-users] squid not caching

From: Chris Robertson <crobertson@dont-contact.us>
Date: Tue, 07 Nov 2006 11:36:32 -0900

Rui Silva wrote:
> Hi ppl,
>
> I'm having problems with squid. It seem that squid doesn't cache alot
> of pages and stuff for me.
> I have a 15 GB cache definied and I already served about 2,7 GB of
> traffic, but my cache is only ~350MB acording to "du".
>
> searching the access log I found that images or almost never cached. I
> tried several times and always got a MISS.

How did you try? Hitting "reload" on your browser is not a good method
to use.

> Searching for chacheability
> on the web, I found that the image was cacheable.
>
> http://www.ircache.net/cgi-bin/cacheability.py?query=http%3A%2F%2Fwww.conceptronic.net%2Fsite%2Fimages%2Fuserpics%2Fprodukten%2FC54PSERVU%2FC54PSERVU-bnr.jpg&descend=on
>
>
> But squid doesn't cache this. Why?=?
>
> My squid.conf follows in hope that you can provide help
>
> http_port 8080
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> cache deny QUERY
> acl apache rep_header Server ^Apache
> broken_vary_encoding allow apache
> cache_mem 64 MB
> cache_swap_low 94
> cache_swap_high 95
> maximum_object_size 400072 KB
> minimum_object_size 0 KB
> maximum_object_size_in_memory 64 KB
> pid_filename /var/run/squid.pid
> fqdncache_size 2048
> ipcache_size 2048
> cache_replacement_policy heap LFUDA
> memory_replacement_policy lru
> cache_dir aufs /var/spool/squid 15360 32 256
> access_log /var/log/squid/access.log squid
> cache_log /var/log/squid/cache.log
> mime_table /etc/squid/mime.conf
> useragent_log /var/log/squid/useragent.log
> debug_options ALL,1
> hosts_file /etc/hosts
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
> acl all src 0.0.0.0/0
> acl nets src 10.0.2.0/24
> acl nets src 10.0.6.0/24
> acl nets src 10.0.88.0/24
> acl nets src 10.0.92.0/24
> acl nets src 10.0.244.0/24
> acl nets src 10.9.96.0/24
> acl alunos src 10.9.160.0/24
> acl alunos src 10.9.252.0/24
> acl maxconnection maxconn 10
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563 # https, snews
> acl SSL_ports port 873 # rsync
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl Safe_ports port 631 # cups
> acl Safe_ports port 873 # rsync
> acl Safe_ports port 901 # SWAT
> acl purge method PURGE
> acl CONNECT method CONNECT
> http_access deny nets maxconnection
> http_access allow nets

^^^^^^^^^^^^^^^^^^^^^^^^^
Unrelated to your caching problem, but this is probably not where you
want this rule. Access list rules are checked in the order they are
written. List searching terminates as soon as one of the rules is a match.

> http_access allow manager localhost
> http_access deny manager
> http_access allow purge localhost
> http_access deny purge
> http_access allow Safe_ports
Anyone (on your net or not) that can reach your server is going to be
allowed to surf to any of the Safe_ports on ANY host (including
localhost). You have a potentially open proxy.

> http_access deny !Safe_ports
> http_access allow SSL_ports

With your rule set, this is redundant. SSL_ports are a subset of
Safe_ports, which are already allowed (though I feel that is a mistake).

> http_access deny CONNECT !SSL_ports
> http_access allow localhost

This is where I would put http_access allow nets (after dropping the
"allow Safe_ports" and "allow SSL_ports" rules).

> http_access deny all
> http_reply_access allow all
> http_reply_access allow alunos
> icp_access allow all
> cache_effective_user proxy
> cache_effective_group proxy
> httpd_suppress_version_string on
> visible_hostname proxy.e-U
> client_db on
>
> delay_pools 1
> delay_class 1 3
> delay_access 1 deny alunos maxconnection
> delay_access 1 deny all
> delay_parameters 1 80000/80000 -1/-1 16000/16000
>
> delay_initial_bucket_level 50
> coredump_dir /var/spool/squid
>
> according to Calamaris reports I have a 86% MISS rate?
>
> Is this normal??
>
>

That depends entirely on the browsing habits of your users, and which
metric you are referring to (Request Hit or Byte Hit ratios). For
example, of my two main caches (which act as parents for a bunch of site
caches) one contains about a million objects, manages a 25% Request hit
ratio and a 25% Byte hit ratio. The other contains close to 3 million
objects and manages a 25% Request hit ratio but only a 4% byte hit ratio.

For what it's worth, my caching ratio would see improvement if I could
wrangle more disk space, as these caches serve over 10,000 people and
pass more than 30GB of traffic each per day, but have less than 40GB of
cache each.

I have found that Scalar (http://scalar.risk.az/) is an excellent
utility to use for viewing aggregate stats of what you are and are not
caching.

Chris
Received on Tue Nov 07 2006 - 13:37:26 MST

This archive was generated by hypermail pre-2.1.9 : Fri Dec 01 2006 - 12:00:03 MST