Quin Guin wrote:
> Hi,
>
> I have been using squid for many years as a forward proxy and now I
> need to setup a reverse. I have read and study many different email
> threads and FAQ on this topic but I can't seem to get past
> TCP_MISS/200s. Please see my most basic config below and I know there
> is a lot more that can be done to make it more secure but I am just
> trying to get a TCP_MISS/200 then a TCP_HIT!!!
All you should need for reverse-proxy config info is detailed at:
http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator
If in doubt test the website with
http://www.ircache.net/cgi-bin/cacheability.py
and see if the objects are even actually cacheable or not.
>
> I am open to trying things and I tried installing 3.1 on RHELL4-U6 64
> bit but it has its keeps giving this error: "configure: error:
> pthread library required but cannot be found." I will work on that
> later.
>
That squid appears to be built with a dependency on libpthread /
libpthreads or whatever its called on RHEL.
See the package documentation and/or the RHEL documentation for pthread.
Some comments on your config as well below...
> http_port 81 accel defaultsite=f99.net
Reverse proxies are a good idea to listen on the standard port 80.
> cache_peer 10.20.20.39 parent 88 0 no-query originserver login=PASS
> name=dtvAccel ##ACL# acl ALL dstdomain f99.net http_access allow ALL
>
Sig. "ALL" has special meaning as "all the internet" and affects many
default settings in Squid.
Please never redefine it. Squid-3 will throw up some serious warnings
that need to be fixed to your cache.log about that.
> cache_peer_access dtvAccel allow All cache_peer_access dtvAccel deny
> all
allow all then deny all. see one of the confusions that occurs with 'all'?
> ##Headers## via on header_access Via allow all header_access Age deny
> all header_access X-Cache deny all ##Cache Config##
> collapsed_forwarding on
Not relevant for Squid-3 yet. Expect squid 3.1 to abort on startup when
you load this.
> minimum_expiry_time 120 seconds cache_mem 256 MB maximum_object_size
> 40960 KB maximum_object_size_in_memory 50 KB
256 MB ram-cache only filled with 50 KB objects. I hope you have a lot
of extra ram for the index on those.
> ipcache_size 40960 # dc setting changed - orig first - new second #
> cache_dir aufs /usr/local/squid-2.7/var/cache 50000 16 256 cache_dir
> ufs /usr/local/squid/var/cache 5000 16 256 access_log
> /usr/local/squid/var/logs/access.log squid cache_store_log
> /usr/local/squid/var/logs/squid-store.log #refresh_pattern ^ftp:
> 1440 20% 10080 #refresh_pattern ^gopher: 1440 0%
> 1440 #refresh_pattern (/cgi-bin/|\?) 0 20% 720
> refresh_pattern -i \.jpg$ 10 90% 10 override-expire override-lastmod
> ignore-reload reload-into-ims refresh_pattern -i \.jpeg$ 10 90% 10
> override-expire override-lastmod ignore-reload reload-into-ims
> refresh_pattern -i \.gif$ 10 90% 10 override-expire override-lastmod
> ignore-reload reload-into-ims refresh_pattern -i \.png$ 10 90% 10
> override-expire override-lastmod ignore-reload reload-into-ims
> refresh_pattern -i \.swf$ 10 90% 10 override-expire override-lastmod
> ignore-reload reload-into-ims refresh_pattern -i \.flv$ 10 90% 10
> override-expire override-lastmod ignore-reload reload-into-ims
> refresh_pattern -i \.js$ 2 90% 2 override-expire override-lastmod
> ignore-reload reload-into-ims refresh_pattern -i \.css$ 2 90% 2
> override-expire override-lastmod ignore-reload reload-into-ims
> refresh_pattern -i \.htm$ 10 90% 10 refresh_pattern -i
> \.html$ 10 90% 10
You are missing the default refresh patterns that will prevent immortal
objects:
refresh_pattern (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
> #icp_access allow all cache_mgr quinguin_at_yahoo.com visible_hostname
> diuqs logfile_rotate 12 coredump_dir /usr/local/squid/var/cache
>
>
> Thank you very much,
>
> Quin
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14 Current Beta Squid 3.1.0.7Received on Fri Apr 17 2009 - 04:20:40 MDT
This archive was generated by hypermail 2.2.0 : Fri Apr 17 2009 - 12:00:02 MDT