[squid-users] Reverse Proxy Cluster Issues

Hi,

I am first time squid user and was wondering if could get some help. I
tried to find answers to these questions on-line, but unsuccessfully...

I have 2 squid boxes setup as reverse proxies in a cluster (they're
using each other as siblings). On the backend I'm using single tomcat
server that both squid boxes use to retrieve content. Squid version I'm
using is 3.0. I'm running into couple issues:

Issue #1:
Whenever squid box receives request for url that contains querystring
(e.g. - http://site1:8080/RSSSource/rss/feed?max=1) it does not contact
sibling cache for that resource, but it retrieves it from the backend
server right away. What's odd is that it works (sometimes...) when query
string is not present (e.g. http://site1:8080/RSSSource/rss/feed).

Issue #2:
Let's say squidA receives request for some resource (e.g.
http://site1:8080/RSSSource/rss/feed). If squidA doesn't have it in its
cache, it will check if it's available from squidB. However, if squidA
has expired version of that resource, it doesn't contact squidB but
retrieves it directly from the backend server, which should not be the
case (it should check if squidB had valid copy available), correct?

Here are relevant squid.conf lines for one of the squids (everything
else is unchanged, config for the second squid is the same except for
sibling references):
########################################################################
##########
http_port 80 accel vhost
icp_port 3130

acl sites_server1 dstdomain site1
acl siblings src address.of.squidA.com

cache_peer address.of.backend.server.com parent 8080 0 no-query
no-digest originserver name=server1
cache_peer address.of.squidA.com sibling 80 3130 name=sibling1 no-digest
allow-miss weight=5

cache_peer_access server1 allow sites_server1
cache_peer_access server1 allow siblings
cache_peer_access sibling1 allow sites_server1

http_access allow sites_server1
http_access allow siblings
http_access deny all

icp_access allow siblings
icp_access deny all

miss_access deny siblings
########################################################################
###########

I tried using HTCP instead of ICP, but I got same results... Does anyone
know solution to these 2 problems? One thing I didn't mention is that
tomcat backend server is including conditional get headers in responses,
however I don't think it matters...

Let me know if more info needed. Thanks in advance!
Received on Wed Apr 14 2010 - 13:13:12 MDT