[squid-users] Directives ignore-private and override-expire not working Squid 3.2 and 3.3
Hello everyone, I’m using these configurations which work fine with squid 3.1 every items gets HIT. However these configurations don’t work properly with Squid 3.2 and 3.3, because I always get MISS with all items http_port 127.0.0.1:82 accel ignore-cc cache_peer 192.168.2.43 parent 80 0 no-query originserver name=Site1 max-conn=15 cache_peer_domain Site1 mysite.com refresh_pattern -i ((.)*) 30 30% 60 ignore-no-cache ignore-private ignore-reload ignore-no-store override-lastmod override-expire Header from 3.3 version: HTTP/1.1 200 OK Cache-Control: private Content-Length: 117991 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Nov 2013 03:12:14 GMT Server: Microsoft-IIS/7.5 Date: Thu, 21 Nov 2013 03:12:15 GMT X-Cache: MISS from localhost.localdomain Connection: close So what wrong with me ? Please help.
[squid-users] Directives ignore-private and override-expire not working Squid 3.2 and 3.3
Hello everyone, (sorry if this email is duplicate because I sent this by Outlook before but received no comments about this problem). I’m using these configurations which work fine with squid 3.1 every items gets HIT. However these configurations don’t work properly with Squid 3.2 and 3.3, because I always get MISS with all items http_port 127.0.0.1:82 accel ignore-cc cache_peer 192.168.2.43 parent 80 0 no-query originserver name=Site1 max-conn=15 cache_peer_domain Site1 mysite.com refresh_pattern -i ((.)*) 30 30% 60 ignore-no-cache ignore-private ignore-reload ignore-no-store override-lastmod override-expire Header from 3.3 version: HTTP/1.1 200 OK Cache-Control: private Content-Length: 117991 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Nov 2013 03:12:14 GMT Server: Microsoft-IIS/7.5 Date: Thu, 21 Nov 2013 03:12:15 GMT X-Cache: MISS from localhost.localdomain Connection: close Please help. -- Best Regards, Kiên Lê
Re: [squid-users] Directives ignore-private and override-expire not working Squid 3.2 and 3.3
Hey there, I am not sure and maybe it is a typo in the cache_peer line? The refresh_pattern should be a separated line from the cache_peer line. like this: ##START http_port 127.0.0.1:82 accel ignore-cc cache_peer 192.168.2.43 parent 80 0 no-query originserver name=Site1 max-conn=15 cache_peer_domain Site1 mysite.com refresh_pattern -i ((.)*) 30 30% 60 ignore-no-cache ignore-private ignore-reload ignore-no-store override-lastmod override-expire ##END also note that there is not need for the whole "((.)*)" while you can use "." for the wanted effect effect. It might be the reason but we just see the response while the request also is very important for the matter. Try to change the refresh_pattern and let see what happens. Eliezer On 25/11/13 19:16, Le Trung, Kien wrote: Hello everyone, (sorry if this email is duplicate because I sent this by Outlook before but received no comments about this problem). I’m using these configurations which work fine with squid 3.1 every items gets HIT. However these configurations don’t work properly with Squid 3.2 and 3.3, because I always get MISS with all items http_port 127.0.0.1:82 accel ignore-cc cache_peer 192.168.2.43 parent 80 0 no-query originserver name=Site1 max-conn=15 cache_peer_domain Site1 mysite.com refresh_pattern -i ((.)*) 30 30% 60 ignore-no-cache ignore-private ignore-reload ignore-no-store override-lastmod override-expire
Re: [squid-users] Directives ignore-private and override-expire not working Squid 3.2 and 3.3
Thank Eliezer Croitoru for your response, I double checked your suggestion but still MISS all request refresh_pattern, of course, is in separated line from the cache_peer line, just my mistake when copy/paste to email. I use "." for the refresh_pattern before but no luck With this configuration, squid-3.1.23 still working properly (same original server). On Tue, Nov 26, 2013 at 7:49 AM, Eliezer Croitoru wrote: > Hey there, > > I am not sure and maybe it is a typo in the cache_peer line? > The refresh_pattern should be a separated line from the cache_peer line. > like this: > ##START > > http_port 127.0.0.1:82 accel ignore-cc > cache_peer 192.168.2.43 parent 80 0 no-query originserver name=Site1 > max-conn=15 cache_peer_domain Site1 mysite.com > refresh_pattern -i ((.)*) 30 30% 60 ignore-no-cache ignore-private > ignore-reload ignore-no-store override-lastmod override-expire > ##END > > also note that there is not need for the whole "((.)*)" while you can use > "." for the wanted effect effect. > It might be the reason but we just see the response while the request also > is very important for the matter. > > Try to change the refresh_pattern and let see what happens. > > Eliezer > > > On 25/11/13 19:16, Le Trung, Kien wrote: >> >> Hello everyone, (sorry if this email is duplicate because I sent this >> by Outlook before but received no comments about this problem). >> >> I’m using these configurations which work fine with squid 3.1 every >> items gets HIT. However these configurations don’t work properly with >> Squid 3.2 and 3.3, because I always get MISS with all items >> >> http_port 127.0.0.1:82 accel ignore-cc >> >> cache_peer 192.168.2.43 parent 80 0 no-query originserver name=Site1 >> max-conn=15 cache_peer_domain Site1 mysite.com refresh_pattern -i >> ((.)*) 30 30% 60 ignore-no-cache ignore-private ignore-reload >> ignore-no-store override-lastmod override-expire > > -- Best Regards, Kiên Lê
Re: [squid-users] Directives ignore-private and override-expire not working Squid 3.2 and 3.3
Hey, Just to make sure you have taken a small look at the headers. The headers states that at almost the same time the request was asked it was expired. I have not seen the Request headers and I cannot tell you why it is like that but it seems like there is a reason for that. Have you tried to fetch the url with wget or curl? Eliezer On 26/11/13 03:57, Le Trung, Kien wrote: Thank Eliezer Croitoru for your response, I double checked your suggestion but still MISS all request refresh_pattern, of course, is in separated line from the cache_peer line, just my mistake when copy/paste to email. I use "." for the refresh_pattern before but no luck With this configuration, squid-3.1.23 still working properly (same original server).
Re: [squid-users] Directives ignore-private and override-expire not working Squid 3.2 and 3.3
On 26/11/2013 4:35 p.m., Eliezer Croitoru wrote: > Hey, > > Just to make sure you have taken a small look at the headers. > The headers states that at almost the same time the request was asked it > was expired. > I have not seen the Request headers and I cannot tell you why it is like > that but it seems like there is a reason for that. Usually this is done on resources where the webmaster knows what they are doing and is completely confident that the data MUST NOT be stored. You know, the stuff the contains *private* user details and such. Expires: header causes HTTP/1.0 caches to remove the content immediately (or not store in the first place). Cache-Control:private does the same thing for HTTP/1.1 caches except for browsers. Which in HTTP/1.1 are allowed to store private data unless the "Cache-Control:no-store" or "Expires:" controls are also used. Amos
Re: [squid-users] Directives ignore-private and override-expire not working Squid 3.2 and 3.3
Hi, Eliezer Croitoru I already sent the header in the first email. Is this the information you want ? = Squid 3.3.x HTTP/1.1 200 OK Cache-Control: private Content-Length: 117991 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Nov 2013 03:12:14 GMT Server: Microsoft-IIS/7.5 Date: Thu, 21 Nov 2013 03:12:15 GMT X-Cache: MISS from localhost.localdomain Connection: close And after Amos's reply I check again the header of Squid-3.1 = Squid 3.1.x HTTP/1.0 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Expires: Tue, 26 Nov 2013 05:00:03 GMT Server: Microsoft-IIS/7.5 Date: Tue, 26 Nov 2013 05:00:04 GMT Content-Length: 117904 Age: 64 Warning: 110 squid/3.1.23 "Response is stale" (confused here too !) X-Cache: HIT from localhost.localdomain Connection: close In both case I used the same directives ignore-private and override-expire and same origin server. Squids also built in same server, the difference is only http service ports. Still don't know why squid 3.3 and 3.2 can't ignore-private and override-expire header. Best Regards, Kien Le On Tue, Nov 26, 2013 at 11:10 AM, Amos Jeffries wrote: > On 26/11/2013 4:35 p.m., Eliezer Croitoru wrote: >> Hey, >> >> Just to make sure you have taken a small look at the headers. >> The headers states that at almost the same time the request was asked it >> was expired. >> I have not seen the Request headers and I cannot tell you why it is like >> that but it seems like there is a reason for that. > > Usually this is done on resources where the webmaster knows what they > are doing and is completely confident that the data MUST NOT be stored. > You know, the stuff the contains *private* user details and such. > > Expires: header causes HTTP/1.0 caches to remove the content immediately > (or not store in the first place). > > Cache-Control:private does the same thing for HTTP/1.1 caches except for > browsers. Which in HTTP/1.1 are allowed to store private data unless the > "Cache-Control:no-store" or "Expires:" controls are also used. > > > Amos > -- Best Regards, Kiên Lê
Re: [squid-users] Directives ignore-private and override-expire not working Squid 3.2 and 3.3
On 26/11/2013 6:06 p.m., Le Trung, Kien wrote: > Hi, Eliezer Croitoru > > I already sent the header in the first email. Is this the information you > want ? > = Squid 3.3.x > HTTP/1.1 200 OK > Cache-Control: private > Content-Length: 117991 > Content-Type: text/html; charset=utf-8 > Expires: Thu, 21 Nov 2013 03:12:14 GMT > Server: Microsoft-IIS/7.5 > Date: Thu, 21 Nov 2013 03:12:15 GMT > X-Cache: MISS from localhost.localdomain > Connection: close > > And after Amos's reply I check again the header of Squid-3.1 > > = Squid 3.1.x > HTTP/1.0 200 OK > Cache-Control: private > Content-Type: text/html; charset=utf-8 > Expires: Tue, 26 Nov 2013 05:00:03 GMT > Server: Microsoft-IIS/7.5 > Date: Tue, 26 Nov 2013 05:00:04 GMT > Content-Length: 117904 > Age: 64 > Warning: 110 squid/3.1.23 "Response is stale" (confused here too !) > X-Cache: HIT from localhost.localdomain > Connection: close > > In both case I used the same directives ignore-private and > override-expire and same origin server. Squids also built in same > server, the difference is only http service ports. > > Still don't know why squid 3.3 and 3.2 can't ignore-private and > override-expire header. I still think you are misunderstanding what is happening here. Ignoring "private" simply means that Squid will store it instead of discarding immediately as required by RFC 2616 (and by Law in many countries). For safe use of privileged information we consider this content to expire the instant it was received. * The handling of that content once it is in cache still goes ahead in full accordance with HTTP/1.1 requirements had the private not been there to prevent caching. "override-expires" means that when the Expires: header is present the value inside it is replaced (overridden with) with the values in refresh_pattern header. * The calculation of how fresh/stale the object is still happens - just without the HTTP response header value for Expires. 3.1.20 are HTTP/1.0 proxies and do not perform HTTP/1.1 protocol validation perfectly. The headers still contain the Squid Warning: about the object coming out of cache (HIT) and being stale. 3.2+ are HTTP/1.1 proxies and are more strictly following RFC2616 requirements about revalidating stale content before use. It just happened that the server presented a new copy for delivery. NOTE: private *was* ignored. Expires *was* overridden. There was new content to deliver regardless of the values you changed them to. ALSO NOTE: The X-Cache header does not display REFRESH states. It displays "MISS" usually in the event of REFRESH_MODIFIED and "HIT" usually in the event of REFRESH_UNMODIFIED. You can get a better test of the private/Expires caching by causing the server those objects came from to be disconnected/unavailable when accessed from your Squid. In which case you should see the same headers as present in 3.1 indicating a HIT with stale object returned. Amos
Re: [squid-users] Directives ignore-private and override-expire not working Squid 3.2 and 3.3
Thank you, I saw the problem. So now I have to deal with "Cache-Control: private" header sent from IIS7.5 Don't know why IIS 7.5 always return "private", Google show some bugs of this. Thank you again Mr Jeffries. On Tue, Nov 26, 2013 at 2:14 PM, Amos Jeffries wrote: > On 26/11/2013 6:06 p.m., Le Trung, Kien wrote: >> Hi, Eliezer Croitoru >> >> I already sent the header in the first email. Is this the information you >> want ? >> = Squid 3.3.x >> HTTP/1.1 200 OK >> Cache-Control: private >> Content-Length: 117991 >> Content-Type: text/html; charset=utf-8 >> Expires: Thu, 21 Nov 2013 03:12:14 GMT >> Server: Microsoft-IIS/7.5 >> Date: Thu, 21 Nov 2013 03:12:15 GMT >> X-Cache: MISS from localhost.localdomain >> Connection: close >> >> And after Amos's reply I check again the header of Squid-3.1 >> >> = Squid 3.1.x >> HTTP/1.0 200 OK >> Cache-Control: private >> Content-Type: text/html; charset=utf-8 >> Expires: Tue, 26 Nov 2013 05:00:03 GMT >> Server: Microsoft-IIS/7.5 >> Date: Tue, 26 Nov 2013 05:00:04 GMT >> Content-Length: 117904 >> Age: 64 >> Warning: 110 squid/3.1.23 "Response is stale" (confused here too !) >> X-Cache: HIT from localhost.localdomain >> Connection: close >> >> In both case I used the same directives ignore-private and >> override-expire and same origin server. Squids also built in same >> server, the difference is only http service ports. >> >> Still don't know why squid 3.3 and 3.2 can't ignore-private and >> override-expire header. > > I still think you are misunderstanding what is happening here. > > > Ignoring "private" simply means that Squid will store it instead of > discarding immediately as required by RFC 2616 (and by Law in many > countries). For safe use of privileged information we consider this > content to expire the instant it was received. > * The handling of that content once it is in cache still goes ahead in > full accordance with HTTP/1.1 requirements had the private not been > there to prevent caching. > > > "override-expires" means that when the Expires: header is present the > value inside it is replaced (overridden with) with the values in > refresh_pattern header. > * The calculation of how fresh/stale the object is still happens - just > without the HTTP response header value for Expires. > > > 3.1.20 are HTTP/1.0 proxies and do not perform HTTP/1.1 protocol > validation perfectly. The headers still contain the Squid Warning: about > the object coming out of cache (HIT) and being stale. > > 3.2+ are HTTP/1.1 proxies and are more strictly following RFC2616 > requirements about revalidating stale content before use. It just > happened that the server presented a new copy for delivery. > > NOTE: private *was* ignored. Expires *was* overridden. There was new > content to deliver regardless of the values you changed them to. > > ALSO NOTE: The X-Cache header does not display REFRESH states. It > displays "MISS" usually in the event of REFRESH_MODIFIED and "HIT" > usually in the event of REFRESH_UNMODIFIED. > > > You can get a better test of the private/Expires caching by causing the > server those objects came from to be disconnected/unavailable when > accessed from your Squid. In which case you should see the same headers > as present in 3.1 indicating a HIT with stale object returned. > > Amos > -- Best Regards, Kiên Lê