I switched to htcp, but I'm still getting false hits (504). On Wed, 2010-03-24 at 15:10 +0100, Taylan Develioglu wrote: > I know it's bad form to reply to your own post, but I found a partial > explanation. > > from > http://linuxdevcenter.com/pub/a/linux/2001/09/17/squidpeering.html?page=2 > > FALSE HITS: (ICP only) Because ICP does not communicate request headers > (only the URI is presented in an ICP query), it is possible for a peer > to return an affirmative for a given URI but not be able to satisfy the > request from cache. > > > * cache1 sends an ICP query to cache2 for > http://www.example.org/index.html. > > * cache2 has a cached copy of the object (87,376 seconds old), and > answers in the affirmative. > > * cache1 then issues the request to cache2, but the request > headers contain "Max-Age: 86400"). cache2's copy is too old to > satisfy this request. > > * If cache1 has miss_access on cache2, then cache2 will go forward > to the origin server (or a parent) and fetch a new copy, > If not, cache2 will return a 504 HTTP response and cache1 will > have to select a new source for the object. > > But why is it then recommended that miss_access be disabled for > siblings? Would it be a bad thing for cache2 to fetch a new copy ? > > As far as I can see cache1 doesn't cache the object retrieved from the > new source after the 504. > > On Wed, 2010-03-24 at 13:40 +0100, Taylan Develioglu wrote: > > Hi, > > > > I'm trying to set up two squid siblings in front of lighttpd as reverse > > proxies and have a question about some behavior I'm seeing. > > > > Squid versions are 2.7.STABLE7-1~bpo50+1 from the debian backports > > repository. > > > > My goal is to create a setup with two cache siblings and one origin > > server (lighttpd) where no duplicate cached entries between siblings > > exist. > > > > I am getting these TCP_HIT/504's and I can't understand why they are > > happening. > > > > When I do a refresh in firefox and request a picture from sibling1, > > requested before on sibling2, I see the following: > > > > sibling1 is 5.5.5.5 > > > > - The original request on sibling 1: > > > > 1269431848.626 4 1.1.1.1 TCP_MISS/304 378 GET > > http://pictures.something.com/pics/d/3/c/picture.jpg - > > DEFAULT_PARENT/pict-dev image/jpeg > > > > - A UDP_HIT occurs on sibling2, sibling1 tries to fetch the file but it > > received a 504 instead (excerpt below). > > > > 269431848.881 0 5.5.5.5 UDP_HIT/000 76 ICP_QUERY > > http://pictures.something.com/pics/d/3/c/picture.jpg - NONE/- - > > 1269431848.883 1 5.5.5.5 TCP_HIT/504 1752 GET > > http://pictures.something.com/pics/d/3/c/picture.jpg - NONE/- text/html > > > > ----start---- > > > > HTTP/1.0 504 Gateway Time-out > > Expires: Wed, 24 Mar 2010 09:55:19 GMT > > X-Squid-Error: ERR_ONLY_IF_CACHED_MISS 0 > > Age: 1269424520 > > Warning: 113 localhost (squid/3.0.STABLE8) This cache hit is still fresh > > and more than 1 day old > > X-Cache: HIT from localhost > > X-Cache-Lookup: HIT from localhost:80 > > > > The requested URL could not be retrieved > > Valid document was not found in the cache and 'only-if-cached' > > directive was specified. > > > > You have issued a request with a 'only-if-cached' cache control > > directive. The document was not found in the cache, or it required > > revalidation prohibited by 'only-if-cached' directive. > > > > ----end---- > > > > Why does sibling2 respond with a UDP_HIT but then sends a 504 error page > > to sibling1 when sibling1 tries to fetch the picture? > > > > Is this normal behavior or am I doing something wrong here? Please see > > my squid.conf below, suggestions are very much appreciated and thanks in > > advance. > > > > acl all src all > > acl manager proto cache_object > > acl localhost src 127.0.0.1/32 > > acl to_localhost dst 127.0.0.0/8 > > acl SSL_ports port 443 > > acl Safe_ports port 80 #http > > acl Safe_ports port 21 #ftp > > acl Safe_ports port 443 #https > > acl Safe_ports port 70 #gopher > > acl Safe_ports port 210 #wais > > acl Safe_ports port 1025-65535 #unregistered ports > > acl Safe_ports port 280 #http-mgmt > > acl Safe_ports port 488 #gss-http > > acl Safe_ports port 591 #filemaker > > acl Safe_ports port 777 #multiling http > > acl CONNECT method CONNECT > > > > acl sites dstdomain pictures.something.com > > acl siblings src 6.6.6.6 > > > > cache_peer 4.4.4.4 parent 80 0 default no-query no-digest originserver > > name=lighttpd-server login=PASS > > cache_peer 6.6.6.6 sibling 80 9832 proxy-only > > name=sibling2 > > > > cache_peer_access lighttpd-server allow sites > > cache_peer_access sibling2 allow sites > > > > http_access allow sites > > http_access allow siblings > > http_access allow manager localhost > > http_access deny manager > > http_access deny !Safe_ports > > http_access deny CONNECT !SSL_ports > > http_access allow localhost > > http_access deny all > > > > icp_access allow siblings > > icp_access deny all > > > > htcp_access deny all > > > > miss_access deny siblings > > > > http_port 80 act-as-origin accel vhost > > icp_port 9832 > > > > access_log /var/log/squid/access.log > > debug_options ALL,3 > > cache_mgr cachmgr@xxxxxxxxxx > > > > cache_dir aufs /var/spool/squid 4000 32 128 > > > > refresh_pattern ^ftp: 1440 20% 10080 > > refresh_pattern ^gopher: 1440 0% 1440 > > refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 > > refresh_pattern . 0 20% 4320 > > > > > >
