Re: [squid-users] Duplicate Headers
On 25/11/2015 6:58 a.m., Benjamin Reed wrote: > Any idea how my X-Cache, X-Cache-Lookup, and Via: headers are getting > messed up on my accelerator configuration? > > Here's the output from a sample HEAD request: > > http://paste.opennms.eu/?26c282e7abba631e#oqU/8pAmAUXHhMXPHhr9vWjJAA1FVcgn49W5BWO1vIs= > This is a forwarding loop of a slightly unusual kind: When Squid received the request, it asked its peers who had ability to reach the object. They all did (X-Cache-Lookup: HIT...), so it picked the first responder and sent the request there. Unfortunately the first responder was just another mirror, so when it received that request ... it does exactly the same thing. If any mirror sees itself as listed in the Via header it will reject the request with fowarding loop error, and the mirror that sent the request to it will move on to the next possible destination for it. Eventually the origin will be reached. But possibly after having gone through all mirrors or some large portion of them. > The 4 systems are set up as cache peers to each other, with a parent > host that contains all the upstream content. Instead of "cache_peer_access X allow all" use: cache_peer_access X allow !mirrors That will ensure that mirrors go to the origin for any request that was received from another mirror. Mirrors will still be available as alternative sources for clients sent requests. PS. you can also remove the "cache allow all" line. It does nothing. Amos ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Duplicate Headers
On 11/24/15 1:09 PM, Antony Stone wrote: > squid.conf, minus blank lines and comments, please? Here you go. Each system is identical but with itself commented out of the "cache_peer" and "cache_peer_access" lines. acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl our_sites dstdomain yum.opennms.org debian.opennms.org maven.opennms.org repo.opennms.org .mirrors.opennms.org .mirrors.opennms.com acl mirrors src 45.55.163.22/32 acl mirrors src 2604:a880:800:10::60:4001/128 acl mirrors src 104.236.160.233/32 acl mirrors src 2604:a880:1:20::d6:7001/128 acl mirrors src 46.101.6.157/32 acl mirrors src 2a03:b0c0:1:d0::7a:7001/128 acl mirrors src 46.101.211.239/32 acl mirrors src 2a03:b0c0:3:d0::8a:6001/128 http_access deny !Safe_ports http_access deny CONNECT # manager access http_access allow localhost manager http_access deny manager # proxy access http_access allow our_sites http_access allow localhost http_access deny all # peer access icp_access allow mirrors icp_access deny all icp_port 3130 # cache access cache allow all http_port 80 accel defaultsite=www.mirrors.opennms.org vhost http_port 8080 accel defaultsite=www.mirrors.opennms.org vhost #http_port 3128 accel defaultsite=www.mirrors.opennms.org vhost coredump_dir /var/spool/squid3 logfile_rotate 10 #cache_store_log stdio:/var/log/squid3/store.log debug_options rotate=10 client_ip_max_connections 8 # how much to cache/keep minimum_object_size 0 maximum_object_size 600 MB minimum_expiry_time 60 seconds refresh_pattern . 900 80% 604800 memory_cache_mode disk memory_replacement_policy heap LFUDA cache_replacement_policy heap LFUDA cache_peer mirror.internal.opennms.com parent 80 0no-query originserver name=myAccel cache_peer_access myAccel allow our_sites cache_peer_access myAccel deny all #cache_peer ny-1.mirrors.opennms.orgsibling 80 3130 name=ny1 cache_peer sf-1.mirrors.opennms.orgsibling 80 3130 name=sf1 cache_peer uk-1.mirrors.opennms.orgsibling 80 3130 name=uk1 cache_peer de-1.mirrors.opennms.orgsibling 80 3130 name=de1 #cache_peer_access ny1 allow all cache_peer_access sf1 allow all cache_peer_access uk1 allow all cache_peer_access de1 allow all cache_dir aufs /var/spool/squid3/cache-small 2000 16 256 min-size=0 max-size=10 cache_dir aufs /var/spool/squid3/cache-large 14000 16 256 min-size=10 max-size=6 # cache 404s for 5 minutes negative_ttl 300 seconds signature.asc Description: OpenPGP digital signature ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Duplicate Headers
On Tuesday 24 November 2015 at 18:58:01, Benjamin Reed wrote: > Any idea how my X-Cache, X-Cache-Lookup, and Via: headers are getting > messed up on my accelerator configuration? > > Here's the output from a sample HEAD request: > > http://paste.opennms.eu/?26c282e7abba631e#oqU/8pAmAUXHhMXPHhr9vWjJAA1FVcgn4 > 9W5BWO1vIs= > > The 4 systems are set up as cache peers to each other, with a parent > host that contains all the upstream content. squid.conf, minus blank lines and comments, please? Antony. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
[squid-users] Duplicate Headers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Any idea how my X-Cache, X-Cache-Lookup, and Via: headers are getting messed up on my accelerator configuration? Here's the output from a sample HEAD request: http://paste.opennms.eu/?26c282e7abba631e#oqU/8pAmAUXHhMXPHhr9vWjJAA1FVcgn49W5BWO1vIs= The 4 systems are set up as cache peers to each other, with a parent host that contains all the upstream content. -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 iD8DBQFWVKUpUu+jZtP2Zf4RAvdoAJ0S7/F4p17BrChqgNHYK43vsPMk1gCgiL2D V7PTmJhbgShx7jNrCxnxY/8= =NdxH -END PGP SIGNATURE- ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users