Re: [squid-users] reverse squid cache configuration

Ok, so even if I have about 150 000 clients making arround 20 "4xx"
requests / day on 1500 Squid servers which relay its on 4 Squid
servers and then on 1 Apache, is it not a big deal for the last one?
(it's almost equal to 34 requests / sec)

Regards,

Romain

2011/7/3 Amos Jeffries <squid3_at_treenet.co.nz>:
> On 01/07/11 22:34, Gromly Romain wrote:
>>
>> 2011/7/1 Amos Jeffries<squid3_at_treenet.co.nz>:
>>>
>>> On 01/07/11 05:48, Gromly Romain wrote:
>>>>
>>>> Hello list,
>>>>
>>>> I'm configuring a squid 2.6 (can't upgrade) as reverse proxy and i've
>>>> some questions about how cache works.
>>>>
>>>
>>> Please see http://www.mnot.net/cache_docs/ it has a lot of enlightening
>>> descriptions.
>>
>> Thanks for this url in french (is my english so bad? :p), very
>> instructive!
>>
>
> ?huh shows up English to me. "This is an informational document. Although
> technical in nature, ..."
>
>>>> Here, how my architecture works:
>>>>
>>>> AV Client>    GET /file.zip (HTTP/1.1 with Cache-Control: max-age=0 and
>>>> sometimes, with also If-Modified-Since: date, it depends of the file)
>>>> =>    Squid configured with refresh_pattern -i \.zip$ 1440 100% 1440  =>
>>>> Apache server with file.zip hosted with a classic configuration
>>>>
>>>> If I try to get the file.zip with IE, it seems to work, I first have a
>>>> TCP_MISS/200 and then TCP_HIT/200. No request to the Apache server.
>>>>
>>>> If I try to get the file.zip with the AV Client, I first have a
>>>> TCP_MISS/200 but then, I always have a TCP_REFRESH_HIT/200, so Squid
>>>> ask to the Apache server if the file is modified, Apache says 304.
>>>>
>>>> I don't want to have this 304 all the time on my Apache but only when
>>>> the file is older than 1 day.
>>>
>>> AV client is sending "max-age=0" otherwise known as "revalidate
>>> immediately"
>>> or "don't send me anything you are in the slightest bit unsure about".
>>>
>>> refresh_pattern "ignore-reload" is the closest 2.x series has to ignoring
>>> that.
>>>
>>> refresh_pattern "reload_into_ims" will covert max-age=0 requests into IMS
>>> which allow the Apache to respond with the small 304 to instead of a full
>>> 2xx and copy of the object.
>>
>> I tried with ignore-reload but still have 304 relayed to Apache...
>>
>>>>
>>>> I think it could come from the cache-control: max-age=0 and I've tried
>>>> all different refresh_pattern configuration, particulary with
>>>> override-expires but I still have this TCP_REFRESH_HIT
>>>>
>>>> Also, all my 404 ou 403 are relayed to the Apache, even if I've put
>>>> negative_ttl to 15 minutes...
>>>
>>> negative_ttl is a DoS on the clients. If one of them gets a temporary
>>> failure. They all see it for the duration of the TTL.
>>>
>>>  This is the digital equivalent of unplugging the whole box whenever the
>>> network card starts to get a little overloaded. Instead of just dropping
>>> the
>>> odd packet.
>>>
>>>>
>>>> So to resume for all that don't want to read: how not to have
>>>> TCP_REFRESH_HIT all the time and how not to relay 404 or 403 error to
>>>> the Apache?
>>>
>>> I was about to say:  Apache needs to send Date: and Cache-Control:
>>> headers
>>> on the 4xx messages it emits. Squid should cache them same as for 2xx
>>> results.
>>>
>>> But sadly you say you are stuck using 2.6. That version does not cache a
>>> lot
>>> of things which later versions are fixed to cache. Those headers may
>>> help,
>>> but then again it may not.
>>>
>>>
>>> Is there any particular reason you are stuck with 2.6? I'm not awarae of
>>> any
>>> technical reasons why you can't move to 2.7 series at least.
>>
>> Our customer doesn't want to have different version of squid in his
>> network and because they can't upgrade 1500 servers as quick as we
>> need, we have to stay in 2.6.
>>
>> Meanwhile, I've tried in my test environnement Squid 3.1 and I've same
>> issue even with ignore-reload actived, and 4xx are relayed to
>> Apache...
>>
>> Now (with 3.1), I have TCP_HIT/200 or TCP_MEM_HIT/200 for some files
>> and TCP_MISS/304 for some others on Squid because Apache says 304 to
>> requests...
>
> MISS/304 is the client attempting to validate a cached version somewhere
> outside your network. Which is also not currently in your local gateway
> Squid. Net bandwidth saving equal to the size of the object which might have
> been sent but was not. CPU consumption savings are uncertain, worst case is
> zero CPU saving.
>
> Amos
> --
> Please be using
>  Current Stable Squid 2.7.STABLE9 or 3.1.13
>  Beta testers wanted for 3.2.0.9
>
Received on Mon Jul 04 2011 - 08:40:55 MDT