On 25 February 2015 at 03:30, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > On 2015-02-25 05:31, Greg wrote: >>>> so, there's my proxy problem I couldn't crack, even after spending >>>> 2+ days tweaking-googling-debugging. :( >>>> >>>> The problem: my _new_ Squid installation (Ubuntu 14 LTS with Squid >>>> 3.3.8) won't cache most pages the old Squid does (old Fedora with >>>> Squid 3.1.15). >>> >>> >>> Both versions are antique. >>> >>> Man, you change one rancid meat to another rancid meat. >>> >>> Just FYI - current Squid version at least 3.4.12. Oh, this branch is >>> already deprecated... shit, current version is 3.5.2! >>> >>> This must be your starting point. >> >> >> Thanks for your comment. Please note that this version is what's >> supported by Ubuntu LTS for the next 5 years. This happens with all >> packages - LTS maintainers choose a stable version and merge security >> updates into it, so it stays secure and needs no config updates for 5 >> years. This is just we need, and it has worked well for Ubuntu 10 >> (squid 2.7.STABLE7-1ubuntu12.6 is still being supported until this >> April!), but it has EOL now and we have to upgrade. > > > > And these types of problem are the cost. Ubuntu and other distros providing > long LTS support choose not to backport bug fixes *unless* its a security > fix. That is their choice, and your choice to accept by using their distro > version. Exactly. I reckon it's not easy for everyone involved. > For the record this appears to be bug 3806 which was fixed in 3.3.12 just > over a year ago. 3.3.8 is just too old by ~4 months. Wow, thanks! This is a breakthrough for me. Indeed, the requests that do get cached don't have a Vary header. This one's for you: http://goo.gl/qK5dE3 Now that I understand the problem I can think about a possible solution: - Try to convince the Ubuntu 14 LTS maintainers to merge the fixes ( http://bugs.squid-cache.org/attachment.cgi?id=2854&action=diff and http://bugs.squid-cache.org/attachment.cgi?id=2969&action=diff ). Not sure about my chances ;) - Create a new baseline server for our proxies with Ubuntu 12 LTS (Squid 3.1.19-1ubuntu3.12.04.3) and upgrade to Ubuntu 16 LTS in 2017. Pro: I tested it and that old Squid version doesn't seem to have this bug. Will work and will be getting security fixes until 2017. Con: well it's a rather old Squid and a less comfortable Ubuntu. - Step out of the safe zone of LTS and install the latest stable Squid. Pro: all the fixes and fresh code. Con: will have to manually monitor the Squid security fixes, and on each security update upgrade to the newest stable, manually testing if anything breaks, merging/changing configs when necessary, then manually upgrade all (10+) proxies - from now till forever. Since I'm a ~beginner sysadmin, any thoughts and comments are warmly welcome. Best regards, Greg _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
