Search squid archive

Re: Squid 6.10 SSL-Bump Woes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 11/10/24 11:08, Bryan Seitz wrote:

I removed the header mods and changed the refresh pattern to:
refresh_pattern .               15      20%     1800    override-expire ignore-no-cache ignore-no-store ignore-private 

And I always get TCP_MISS.  Any other thoughts?
Ah, I believe it would be best to get a baseline of what Squid default behaviour is like in your environment. So we can identify what/how you need to improve it.
Firstly, FYI; this is what those controls **actually** do in current Squid ..
* override-expires ... forces Squid to handle all responses to act as if they received "Cache-Control: max-age=900" (15 min) ... store, but revalidate 180+ seconds (20% of 15min) later. Result: Anything that could cache longer than 15min becomes a REFRESH_MISS or MISS, instead of HIT. 
  Squid default: **do** cache. Revalidate
    * after("Date"+"CC: max-age=N") timestamp, otherwise
    * after "Expires" timestamp, otherwise
    * after ("Date" +1800 minutes) timestamp.
* ignore-no-cache ... the standardized "CC: no-cache" is badly named, it tells Squid what **can** be cached. Result: Squid will discard many stored objects and perform a MISS instead. Squid default: **do** cache "CC:private" responses, revalidate on HIT. Log as REFRESH. 

 * ignore-no-store ... force everything marked "CC: no-store" to be stored.
Result: cache fills with non-reusable objects. Leaving not much room for actual HIT objects. 
  Squid default: store only objects with can result in more HITs.

 * ignore-private ... force everything with "CC: private" to be discarded.
  Result: same as "ignore-no-store".
  Squid default: **do** cache "CC:private" responses, revalidate on HIT.

Note that both HIT and REFRESH mean the object **was** cached.
You said that the access.log now contains MISS. Would that be just "MISS" or "REFRESH" + "MISS" (actually a HIT, but a new object was given by the server and replaced the pre-stored object).
Can you show a pair of request headers from the client, with matching response from the server? You can use "debug_options 11,2" in recent Squid versions to get a cache.log trace of the HTTP transactions.
That might help us spot something more specific. The config change makes the earlier given ones obsolete. 


HTH
Amos


_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux