Quin Guin wrote:
Hi,
I have been using squid for many years as a forward proxy and now I
need to setup a reverse. I have read and study many different email
threads and FAQ on this topic but I can't seem to get past
TCP_MISS/200s. Please see my most basic config below and I know there
is a lot more that can be done to make it more secure but I am just
trying to get a TCP_MISS/200 then a TCP_HIT!!!
All you should need for reverse-proxy config info is detailed at:
http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator
If in doubt test the website with
http://www.ircache.net/cgi-bin/cacheability.py
and see if the objects are even actually cacheable or not.
I am open to trying things and I tried installing 3.1 on RHELL4-U6 64
bit but it has its keeps giving this error: "configure: error:
pthread library required but cannot be found." I will work on that
later.
That squid appears to be built with a dependency on libpthread /
libpthreads or whatever its called on RHEL.
See the package documentation and/or the RHEL documentation for pthread.
Some comments on your config as well below...
http_port 81 accel defaultsite=f99.net
Reverse proxies are a good idea to listen on the standard port 80.
cache_peer 10.20.20.39 parent 88 0 no-query originserver login=PASS
name=dtvAccel ##ACL# acl ALL dstdomain f99.net http_access allow ALL
Sig. "ALL" has special meaning as "all the internet" and affects many
default settings in Squid.
Please never redefine it. Squid-3 will throw up some serious warnings
that need to be fixed to your cache.log about that.
cache_peer_access dtvAccel allow All cache_peer_access dtvAccel deny
all
allow all then deny all. see one of the confusions that occurs with 'all'?
##Headers## via on header_access Via allow all header_access Age deny
all header_access X-Cache deny all ##Cache Config##
collapsed_forwarding on
Not relevant for Squid-3 yet. Expect squid 3.1 to abort on startup when
you load this.
minimum_expiry_time 120 seconds cache_mem 256 MB maximum_object_size
40960 KB maximum_object_size_in_memory 50 KB
256 MB ram-cache only filled with 50 KB objects. I hope you have a lot
of extra ram for the index on those.
ipcache_size 40960 # dc setting changed - orig first - new second #
cache_dir aufs /usr/local/squid-2.7/var/cache 50000 16 256 cache_dir
ufs /usr/local/squid/var/cache 5000 16 256 access_log
/usr/local/squid/var/logs/access.log squid cache_store_log
/usr/local/squid/var/logs/squid-store.log #refresh_pattern ^ftp:
1440 20% 10080 #refresh_pattern ^gopher: 1440 0%
1440 #refresh_pattern (/cgi-bin/|\?) 0 20% 720
refresh_pattern -i \.jpg$ 10 90% 10 override-expire override-lastmod
ignore-reload reload-into-ims refresh_pattern -i \.jpeg$ 10 90% 10
override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern -i \.gif$ 10 90% 10 override-expire override-lastmod
ignore-reload reload-into-ims refresh_pattern -i \.png$ 10 90% 10
override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern -i \.swf$ 10 90% 10 override-expire override-lastmod
ignore-reload reload-into-ims refresh_pattern -i \.flv$ 10 90% 10
override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern -i \.js$ 2 90% 2 override-expire override-lastmod
ignore-reload reload-into-ims refresh_pattern -i \.css$ 2 90% 2
override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern -i \.htm$ 10 90% 10 refresh_pattern -i
\.html$ 10 90% 10
You are missing the default refresh patterns that will prevent immortal
objects:
refresh_pattern (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
#icp_access allow all cache_mgr quinguin@xxxxxxxxx visible_hostname
diuqs logfile_rotate 12 coredump_dir /usr/local/squid/var/cache
Thank you very much,
Quin
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
Current Beta Squid 3.1.0.7