On 2024-07-12 08:06, Ben Toms wrote:
Seems that my issue is similar to -
https://serverfault.com/questions/1104330/squid-cache-items-behind-basic-authentication
You are facing up to two problems:
1. Some authenticated responses are not cachable by Squid. Please share
HTTP headers of the response in question.
2. TCP_MISS_ABORTED/502 errors may delete a being-cached response. These
can be bogus errors (essentially Squid logging bugs) or real ones (e.g.,
due to communication bugs, misconfiguration, or compatibility problems).
I recommend adding %err_code/%err_detail to your logformat and sharing
the corresponding access.log lines (obfuscated as needed).
Sharing (privately if needed) a pointer to compressed ALL,9 cache.log
while reproducing the issue using a single transaction may help us
resolve all the unknowns:
https://wiki.squid-cache.org/SquidFaq/BugReporting#debugging-a-single-transaction
HTH,
Alex.
*From: *Ben Toms <ben@xxxxxxxxxxx>
*Date: *Friday, 12 July 2024 at 12:07
*To: *squid-users@xxxxxxxxxxxxxxxxxxxxx <squid-users@xxxxxxxxxxxxxxxxxxxxx>
*Subject: *Re: TCP_MISS_ABORTED/502
To test, I changed the parent url to my blog.. and was able to download
an item there via squid-cache.. so the issue seems to be when
downloading from a parent which requires authentication.
Regards,
Ben.
*From: *Ben Toms <ben@xxxxxxxxxxx>
*Date: *Friday, 12 July 2024 at 10:29
*To: *squid-users@xxxxxxxxxxxxxxxxxxxxx <squid-users@xxxxxxxxxxxxxxxxxxxxx>
*Subject: *TCP_MISS_ABORTED/502
Hi Amos,
I made the changes suggested, biut still getting TCP_MISS_ABORTED/502.
The test I’m performing is via a simple curl:
curl https://local.server.fqdn/some/file/path
<https://local.server.fqdn/some/file/path> -H "Authorization: Basic
base64_auth" -o ~/Downloads/test
The Apache logs for the parent (public.server.fqdn), show:
[12/Jul/2024:10:16:09 +0100] "GET /some/file/path HTTP/1.1" 200 10465
"-" "curl/8.7.1"
So, Apache on the parent is responding with a 200.. and if I mess around
with the curl commands base64_auth I get 401’s as expected in the
parents Apache logs.
However, squids access.log still shows:
1720775769.417 49 192.168.0.156 TCP_MISS_ABORTED/502 3974 GET
https://local.server.fqdn/some/file/path
<https://local.server.fqdn/some/file/path> -
FIRSTUP_PARENT/public.ip.of.public.server text/html
Squid.conf is now:
https_port 443 accel protocol=HTTPS tls-cert=/usr/local/squid/client.pem
tls-key=/usr/local/squid/client.key
cache_peer public.server.fqdn parent 443 0 no-query originserver
no-digest no-netdb-exchange tls login=PASSTHRU name=myAccel
forceddomain=uk-dist-a.datajar.mobi
acl our_sites dstdomain local.server.fqdn
http_access allow our_sites
cache_peer_access myAccel allow our_sites
cache_peer_access myAccel deny all
refresh_pattern -i public.server.fqdn/* 3600 80% 14400
cache_dir ufs /usr/local/squid/var/cache 100000 16 256
The file I’m attempting to cache with the above curl command is 6.5kb
only.. have tried others to no avail.
It seems like squid doesn’t want to cache, and it’s not advising the
client to wait as it caches.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.squid-cache.org/listinfo/squid-users
