[squid-users] TCP_MISS/504 after UDP_HIT - from sibling squid

Hi to all squid users!

I'm new to this list so please hold the big guns.

Here's my setup:

1. Using Squid squid-2.6.STABLE6-5.el5_1.3 (pinned at this version since all newer ones will eventually stop responding with 100%cpu. But this could be the subject of another post on this list)
2. 2 servers in a heartbeat cluster. 192.168.2.1-2 are the IPs used for the internal communication in the cluster.
3. The requests come to Apache server who passes them to squid on the localhost.
4. The squids are configured to use the other squid as sibling and webserver instances from both servers as parents. ICP is used in all cases (the webservers will always reply MISS but the fastest to reply to ICP is probably the less busy and closest)

My squid config looks like this:

********************************************************************
cache_effective_user squid
cache_effective_group squid
http_port 192.168.2.2:3128 transparent
http_port 127.0.0.1:3128 transparent
icp_port 3130
udp_incoming_address 192.168.2.2
cache_dir ufs /var/spool/squid 20000 16 256
cache_mgr webadmin_at_subdomain.domain.xx
visible_hostname host1.subdomain.domain.xx
log_icp_queries on
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
cache_store_log none
emulate_httpd_log off
cache_mem 512 MB
maximum_object_size 100 MB # max cached object size
maximum_object_size_in_memory 1 MB # max cached-in-memory object size
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/32
acl localnet src 192.168.2.0/24
acl ssl_ports port 443 563
acl safe_ports port 81 80 443
acl zope_servers src 127.0.0.1
acl zope_servers src XXX.XXX.XXX.181
acl zope_servers src XXX.XXX.XXX.134
acl zope_servers src XXX.XXX.XXX.155
acl zope_servers src 192.168.2.0/24
acl manager proto cache_object
acl connect method connect
acl accelerated_protocols proto http
acl accelerated_hosts dst 127.0.0.0/8
acl accelerated_hosts dst XXX.XXX.XXX.181/32
acl accelerated_hosts dst XXX.XXX.XXX.155/32
acl accelerated_ports myport 3128
acl purge method PURGE
http_access allow zope_servers purge
http_access deny purge
http_reply_access allow all
acl webdav method PROPFIND TRACE PURGE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK
never_direct allow all
http_access allow manager localnet
http_access allow manager localhost
http_access deny manager
http_access deny connect !ssl_ports
icp_access allow localhost
icp_access allow localnet
http_access allow all
cache_peer 192.168.2.1 sibling 3128 3130 name=theothersquid
cache_peer 192.168.2.1 parent 8988 3988 no-netdb-exchange round-robin no-digest name=11
cache_peer 192.168.2.1 parent 8990 3990 no-netdb-exchange round-robin no-digest name=12
cache_peer 192.168.2.1 parent 8992 3992 no-netdb-exchange round-robin no-digest name=13
cache_peer 192.168.2.1 parent 8994 3994 no-netdb-exchange round-robin no-digest name=14
cache_peer 192.168.2.1 parent 8996 3996 no-netdb-exchange round-robin no-digest name=15
cache_peer 192.168.2.1 parent 8998 3998 no-netdb-exchange round-robin no-digest name=16
cache_peer 192.168.2.1 parent 9000 4000 no-netdb-exchange round-robin no-digest name=17
cache_peer 192.168.2.1 parent 9002 4002 no-netdb-exchange round-robin no-digest name=18
cache_peer 192.168.2.1 parent 9004 4004 no-netdb-exchange round-robin no-digest name=19
cache_peer 192.168.2.1 parent 9006 4006 no-netdb-exchange round-robin no-digest name=110
cache_peer 192.168.2.1 parent 9008 4008 no-netdb-exchange round-robin no-digest name=111
cache_peer 192.168.2.1 parent 9010 4010 no-netdb-exchange round-robin no-digest name=112
cache_peer 192.168.2.2 parent 8988 3988 no-netdb-exchange round-robin no-digest name=21
cache_peer 192.168.2.2 parent 8990 3990 no-netdb-exchange round-robin no-digest name=22
cache_peer 192.168.2.2 parent 8992 3992 no-netdb-exchange round-robin no-digest name=23
cache_peer 192.168.2.2 parent 8994 3994 no-netdb-exchange round-robin no-digest name=24
cache_peer 192.168.2.2 parent 8996 3996 no-netdb-exchange round-robin no-digest name=25
cache_peer 192.168.2.2 parent 8998 3998 no-netdb-exchange round-robin no-digest name=26
cache_peer 192.168.2.2 parent 9000 4000 no-netdb-exchange round-robin no-digest name=27
cache_peer 192.168.2.2 parent 9002 4002 no-netdb-exchange round-robin no-digest name=28
cache_peer 192.168.2.2 parent 9004 4004 no-netdb-exchange round-robin no-digest name=29
cache_peer 192.168.2.2 parent 9006 4006 no-netdb-exchange round-robin no-digest name=210
cache_peer 192.168.2.2 parent 9008 4008 no-netdb-exchange round-robin no-digest name=211
cache_peer 192.168.2.2 parent 9010 4010 no-netdb-exchange round-robin no-digest name=212
redirect_program /var/XXDIR/bin/squirm
redirect_children 20
redirect_rewrites_host_header off
acl static_content urlpath_regex -i \.(jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|css|js|vsd|doc|ppt|pps|xls|pdf|mp3|mp4|m4a|ogg|mov|avi|wmv|sxw|zip|gz|bz2|tgz|tar|rar|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw|dmg|torrent|deb|msi|iso|rpm)$
acl static_content urlpath_regex (.*)misc_/ExternalEditor/edit_icon$
acl static_content urlpath_regex (.*)p_/(.*)
no_cache allow static_content
acl post_requests method POST
no_cache deny post_requests
acl QUERY urlpath_regex \?
acl CGIBIN urlpath_regex cgi-bin
no_cache allow QUERY
no_cache deny CGIBIN
external_acl_type is_cacheable_type children=5 %{Cookie:__ac} %{Cookie:;__ac} %{Authorization} %{If-None-Match} /var/XXDIR/bin/squidAcl.py
acl is_cacheable external is_cacheable_type
no_cache allow is_cacheable
no_cache deny all
negative_ttl 0
refresh_pattern . 0 50% 999999 ignore-reload
refresh_pattern -i /getFile$ 60 90% 3600
shutdown_lifetime 1 seconds
pipeline_prefetch on

*******************************************************************

The other squid will have a very similar config, just replace 192.168.2.1 with 192.168.2.2 and vice-versa.

The main problem I'm facing is that every time the squid on the "passive" member responds with UDP_HIT the following line will be a TCP_MISS/504. Like this:

1286468808.210 0 192.168.2.1 UDP_HIT/000 168 ICP_QUERY http://127.0.0.1:3128/path/to/object - NONE/- -
1286468808.721 4 192.168.2.1 TCP_MISS/504 1915 GET http://127.0.0.1:3128/path/to/object - NONE/- text/html

I've searched this list and internet in general for ideas of what I'm doing wrong and came up empty.

I'm open to any suggestion for improvement in this setup. Performance is my main goal.

Many thanks,
Adrian
Received on Thu Oct 07 2010 - 16:42:44 MDT