Re: [squid-users] Forwarding loops... from Pritam on 2008-07-11 (squid-users)

From: Pritam <pritam_at_subisu.net.np>
Date: Fri, 11 Jul 2008 22:52:03 +0545

Henrik Nordstrom wrote:
> On fre, 2008-07-11 at 07:49 -0700, John Doe wrote:
>
>
>> I don't have use allow-miss.
>> But I do have:
>> header_access Cache-Control deny all
>> header_replace Cache-Control max-age=864000
>> I will try without it...
>>
>
> That explains the loops in sibling setup.
>
> But it does not explain why your cache_peer_access rules wasn't
> effective. Thise should have worked...
>
>
>>>> To solve this, I tried to prevent a squid from querying a sibling on behalf of
>>>>
>>> another sibling:
>>>
>>>> example of squid1.conf:
>>>> cache_peer 192.168.17.12 sibling 8000 3130 proxy-only name=squid2
>>>> cache_peer 192.168.17.13 sibling 8000 3130 proxy-only name=squid3
>>>> cache_peer 192.168.17.14 sibling 8000 3130 proxy-only name=squid4
>>>>
>>>> acl from_squids src 192.168.17.12
>>>> acl from_squids src 192.168.17.13
>>>> acl from_squids src 192.168.17.14
>>>>
>>>> cache_peer_access squid2 deny from_squids
>>>> cache_peer_access squid3 deny from_squids
>>>> cache_peer_access squid4 deny from_squids
>>>>
>>>> But it is not helping...
>>>>
>>> That should defenitely help.
>>>
>>> What is said in access.log?
>>>
>> If I ask squid2 for a looping object:
>>
>> squid2 access.log:
>> 1215783827.918 1 192.168.17.12 TCP_MISS/200 7188 GET http://192.168.16.23/img/spain.gif - FIRST_UP_PARENT/apache image/gif
>> 1215783827.919 2 192.168.17.12 TCP_MISS/200 7233 GET http://192.168.16.23/img/spain.gif - CD_SIBLING_HIT/squid3 image/gif
>>
>
> Why is there two requests from 17.12?
>
> Are you still not using tcp_outgoing_address? Please add appropriate
> tcp_outgoing_address directives.
>
Hi,

Try once hashing (#) the tcp_outgoing_address.

Regards,

Pritam
> Assuming the squid2 config looks the same as the squid1 save for the
> rotation of the servers to squid1,3,4 your cache_peer_access rule won't
> match here as the request is coming from 17.12 which is the squid2
> address..
>
>
> To answer your other question about Apache, there is no big problem with
> having the setup as you do with a set of apaches on different ports, but
> you may need to tweak the Apache config a little to make Apache assume
> port 80 in references to itself, used. when sending a browser redirect
> etc such as seen when requesting http://server/directory without
> trailing /
>
> Additionally you probably only need one instance of Apache..
>
> Regards
> Henrik
>
Received on Fri Jul 11 2008 - 17:07:22 MDT

This archive was generated by hypermail 2.2.0 : Fri Jul 11 2008 - 12:00:03 MDT