On 18/07/22 18:38, Théo BARRAGUE wrote:> Hello,
After a random time ( seconds, minutes or even hours ) squid stop
sending ICP to neighbours.
Given that all traffic from squid-1 is forced to go through squid-2 why
are you bothering with ICP? that is only useful when there are 2+ peers
to select from.
This is my configuration for squid-1 :
cache_peer squid-2 parent 3128 3130 background-ping
dns_nameservers 1.1.1.1
> netdb_filename none
netdb_ping_period 1 seconds> query_icmp on
never_direct allow all
I highly recommend that you at least retain the default security
settings for http_access. They are designed to protect against some
nasty situations like proxy hijacking and DoS attacks.
http_access allow all
http_port 3128
icp_access allow all
icp_port 3130
This is my configuration for squid-2 :
cache_peer_access squid-1 allow
There is no cache_peer definition in this config. Either this is not
actually your config file contents, or Squid is using a different config
file than you think.
dns_nameservers 1.1.1.1
netdb_filename none
netdb_ping_period 1 seconds
cache_dir null /tmp
The "null" storage type has not been part of Squid for most of a decade.
Erase the cache_dir line. Add "cache_mem 0 KB" instead.
cache deny all
shutdown_lifetime 15 seconds
http_access allow all
http_port 3128
icp_access allow all
icp_port 3130
I'm using Squid 4.6 from Debian Bullseye on a amd64 architecture
Bullseye currently ships with Squid-4.13. Please update to that, if only
for the security patches.
I doubt v5 will work differently for your issue, but YMMV.
HTH
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
