Marc Haber wrote:
> On Thu, May 22, 2008 at 12:49:54PM +1200, Amos Jeffries wrote:
>> Squid considers identd lookups to be an authentication type. Which gets
>> cached for a short period against the client IP to prevent such loading
>> of the network.
>
> Judging after a tshark dump of network traffic, that "short period" is
> like one second, and it doesn't hold for a multi-user system as the
> next user will be "authenticated" with a wrong ID. There is no way for
> squid to know whether a new http request comes from the same users
> without issueing a new ident request or without the http client's
> cooperation.
>
> Please explain how this caching is supposed to work without totally
> wrecking the statistics.
>
> Greetings
> Marc
>
Ah, I thought it yes was 1 second or so, but a closer look at the
default show its 0 seconds unless set higher.
http://www.squid-cache.org/Versions/v3/3.0/cfgman/authenticate_ip_ttl.html
Yes the problem of multiple-users per IP is one to consider.
What you mean by the statistics? I expect it drops the counters of ident
requests relative to the counters of authenticated requests, and lowers
the overall request service times (part of the idea right? faster
response times with less network load).
Amos
-- Please use Squid 2.6.STABLE20 or 3.0.STABLE6Received on Thu May 22 2008 - 09:51:59 MDT
This archive was generated by hypermail 2.2.0 : Tue Aug 05 2008 - 01:05:13 MDT