-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 13.03.15 23:33, Amos Jeffries пишет: > On 14/03/2015 5:47 a.m., Monah Baki wrote: > > <snip> > >> half_closed_clients off quick_abort_min 0 KB quick_abort_max 0 >> KB vary_ignore_expire on reload_into_ims on memory_pools off >> cache_mem 4096 MB visible_hostname isn-phc-cache >> minimum_object_size 0 bytes > >> maximum_object_size 512 MB maximum_object_size 512 KB > > KB value overwriting MB value. > > >> ipcache_size 1024 ipcache_low 90 ipcache_high 95 cache_swap_low >> 98 cache_swap_high 100 fqdncache_size 16384 retry_on_error on >> offline_mode off logfile_rotate 10 dns_nameservers 8.8.8.8 >> 41.78.211.30 >> >> >> >> >> access.log: >> >> 1426267535.210 198 10.0.0.23 TCP_MISS/200 412 GET >> http://jadserve.postrelease.com/trk.gif? - >> ORIGINAL_DST/54.225.133.227 image/gif 1426267535.211 198 >> 10.0.0.23 TCP_MISS/200 412 GET >> http://jadserve.postrelease.com/trk.gif? - >> ORIGINAL_DST/54.225.133.227 image/gif 1426267535.211 198 >> 10.0.0.23 TCP_MISS/200 412 GET >> http://jadserve.postrelease.com/trk.gif? - >> ORIGINAL_DST/54.225.133.227 image/gif 1426267535.223 301 >> 10.0.0.23 TCP_MISS/200 222 GET >> http://rma-api.gravity.com/v1/beacons/log? - >> ORIGINAL_DST/80.239.148.18 text/html 1426267535.244 195 >> 10.0.0.23 TCP_MISS/200 412 GET >> http://jadserve.postrelease.com/trk.gif? - >> ORIGINAL_DST/54.225.133.227 image/gif > > > Lots of Akamai hosted requests. Akamai play tricks with DNS > responses. In my installation I've used local Unbound DNS cache and, before it, forced DNS interception to him with Cisco. :) So, I don't care about any hosts DNS quirks. ;) > > Check your cache.log for security warnings; > <http://wiki.squid-cache.org/KnowledgeBase/HostHeaderForgery> > > Note that objects failing the Host validation are not cacheable. > > >> 1426267535.333 423 10.0.0.23 TCP_MISS/200 1420 GET >> http://hpr.outbrain.com/utils/get? - ORIGINAL_DST/50.31.185.42 >> text/x-json 1426267535.345 412 10.0.0.23 TCP_MISS/200 11179 >> GET http://p.visualrevenue.com/? - ORIGINAL_DST/50.31.185.40 >> text/javascript 1426267535.346 411 10.0.0.23 TCP_MISS/200 423 >> GET http://t1.visualrevenue.com/? - ORIGINAL_DST/64.74.232.44 >> image/gif > > Not sure about them. Maybe genuine MISS, maybe not. Agressive dynamic content caching requires some special tweaks. ;) > > It could also be the issues Antony pointed out, with the objects > just naturally not being cacheable. > > >> 1426267535.363 128 10.0.0.23 TCP_REFRESH_UNMODIFIED/304 327 >> GET >> http://z.cdn.turner.com/cnn/.element/widget/video/videoapi/api/js/vendor/jquery.ba-bbq.js >> >> - - ORIGINAL_DST/80.239.152.153 application/x-javascript > > There is a hit. > > I guess you are new to Squid-3 ? Squid is HTTP/1.1 compliant now > and the caching rules are slightly different from requirements on > HTTP/1.0 software. A lot of content that previously could not be > stored now can (authenticated, private, no-cache, etc.). But being > sensitive info also requires revalidation in order to be used, so > they show up like the above. > > Amos > > _______________________________________________ squid-users mailing > list squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVAy/qAAoJENNXIZxhPexGOUEH/2yt1ql+ndo1We1E06LvIZl7 4PXY1kzuHT6EpOYO9LpLKtE+dPNYJuHKiUEF2hAGz5DP/heKq8PFRBTkMD18sueN jm+UfP8BdxgRYuiQWtWNteV0gbH4nOBeJ6QwqlEHMwcsdPtkwWCGA0MS6co+IXKb poouP6xQoNddx/UKicu6PQZDj5HRmynTP2c0mJuFEdlQxONgFiP4mqSFBwWhH/B/ hhdSfxg53xfQ+2B5TsVrKyxmJoIYpHgFZid/pk+Q2bb0WIy8bhHA72EHPjIu5K5Z wobLGng+oE0i2erqtZiFR8daGdKcRW7FDYzHi+LJEHJj3i+z0mRIQkGTn3Nxfhg= =Cnai -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
