Marc Haber wrote:
On Thu, May 22, 2008 at 12:49:54PM +1200, Amos Jeffries wrote:
Squid considers identd lookups to be an authentication type. Which gets
cached for a short period against the client IP to prevent such loading
of the network.
Judging after a tshark dump of network traffic, that "short period" is
like one second, and it doesn't hold for a multi-user system as the
next user will be "authenticated" with a wrong ID. There is no way for
squid to know whether a new http request comes from the same users
without issueing a new ident request or without the http client's
cooperation.
Please explain how this caching is supposed to work without totally
wrecking the statistics.
Greetings
Marc
Ah, I thought it yes was 1 second or so, but a closer look at the
default show its 0 seconds unless set higher.
http://www.squid-cache.org/Versions/v3/3.0/cfgman/authenticate_ip_ttl.html
Yes the problem of multiple-users per IP is one to consider.
What you mean by the statistics? I expect it drops the counters of ident
requests relative to the counters of authenticated requests, and lowers
the overall request service times (part of the idea right? faster
response times with less network load).
Amos
--
Please use Squid 2.6.STABLE20 or 3.0.STABLE6
