Hi, I am having trouble with stale-if-error response. I am making calls using curl to an API (under my control) on Amazon AWS. Config and details below ...
# /etc/squid/squid.conf : acl to_aws dstdomain .amazonaws.com acl from_local src localhost http_access allow to_aws http_access allow from_local cache allow all cache_dir ufs /var/cache/squid 1024 16 256 http_port 3129 ssl-bump cert=/etc/squid/maul.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/squid/ssl_db -M 4MB acl step1 at_step SslBump1 ssl_bump bump step1 ssl_bump bump all sslproxy_cert_error deny all cache_store_log stdio:/var/log/squid/store.log logfile_rotate 0 shutdown_lifetime 3 seconds # /usr/bin/proxy-test : #!/bin/bash curl --proxy http://localhost:3129 \ --cacert /etc/squid/stuff.pem \ -v "https://stuff.amazonaws.com/api/v1/stuff/stuff.json" \ -H "Authorization: token MYTOKEN" \ -H "Content-Type: application/json" \ --output "/tmp/stuff.json" Tests .......... At this point in time the network cable is unattached. Squid returns the cached object it got when the network was online earlier. The Age of this object is just still under the max_age of 3600. Previously I was using offline_mode but I found that it did not try to revalidate from the origin after the object expired (defined via max-age response). My understanding is that stale-if-error should work under my circumstances. # /var/log/squid/access.log 1706799404.440 6 127.0.0.1 NONE_NONE/200 0 CONNECT stuff.amazonaws.com:443 - HIER_NONE/- - 1706799404.440 0 127.0.0.1 TCP_MEM_HIT/200 20726 GET https://stuff.amazonaws.com/stuff.json - HIER_NONE/- application/json # extract from /usr/bin/proxy-test < HTTP/1.1 200 OK < Date: Thu, 01 Feb 2024 13:57:11 GMT < Content-Type: application/json < Content-Length: 20134 < x-amzn-RequestId: 3a2d3b26-df73-4b30-88cb-1a9268fa0df2 < Last-Modified: 2024-02-01T13:00:45.000Z < Access-Control-Allow-Origin: * < x-amz-apigw-id: SdZwpG7qiYcERUQ= < Cache-Control: public, max-age=3600, stale-if-error=31536000 < ETag: "cec102b43372840737ab773c2e77858b" < X-Amzn-Trace-Id: Root=1-65bba337-292be751134161b03555cdd6 < Age: 3573 < X-Cache: HIT from labs-maul-st-31 < X-Cache-Lookup: HIT from labs-maul-st-31:3129 < Via: 1.1 labs-maul-st-31 (squid/5.7) < Connection: keep-alive Below .. the curl script executes again. The Age has gone over the max-age so squid attempted to refresh from the origin. The machine is still offline so the refresh failed. I expected that the stale-if-error response would instruct squid to return the cached object as a 200. # /var/log/squid/access.log 1706799434.464 5 127.0.0.1 NONE_NONE/200 0 CONNECT stuff.amazonaws.com:443 - HIER_NONE/- - 1706799434.464 0 127.0.0.1 TCP_REFRESH_FAIL_ERR/502 4235 GET https://stuff.amazonaws.com/stuff.json - HIER_NONE/- text/html # extract from /usr/bin/proxy-test < HTTP/1.1 502 Bad Gateway < Server: squid/5.7 < Mime-Version: 1.0 < Date: Thu, 01 Feb 2024 14:57:14 GMT < Content-Type: text/html;charset=utf-8 < Content-Length: 3853 < X-Squid-Error: ERR_READ_ERROR 0 < Vary: Accept-Language < Content-Language: en < X-Cache: MISS from labs-maul-st-31 < X-Cache-Lookup: HIT from labs-maul-st-31:3129 < Via: 1.1 labs-maul-st-31 (squid/5.7) < Connection: close Hope someone can help me with this. All the best, Robin Carlisle
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org https://lists.squid-cache.org/listinfo/squid-users