On Mon, 31 Oct 2011 18:56:00 +0000, Einar Indridason wrote:
> Hi.
>
> I'm using squid 3.1.16, compiled from source with:
> ./configure --prefix=/usr/local/squid-3.1.16/ --enable-useragent-log
> --enable-referer-log --disable-ident-lookups --with-large-files
>
> Running on a 64bit Debian 6 box.
>
>
> If I send a request: Sent by doing: cat file | nc proxy.example.com
> 80
>
> ==============================================================================
> HEAD / HTTP/1.1
> Host: www.example.com
> User-Agent: Mozilla/5.0 (X11; Linux i686; rv:7.0.1) Gecko/20100101
> Firefox/7.0.1
> Accept:
> text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> Accept-Language: en-us,en;q=0.5
> Accept-Encoding: gzip, deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Cookie: eplicaWebVisitor=-926431977; fptab=skjalftar;
> JSESSIONID=C44066454BC7A2C8A052BC0C69D44620
> DNT: 1
> Connection: keep-alive
> If-Modified-Since: Sat, 30 Oct 2011 16:42:36 GMT
> Cache-Control: max-age=0
> If-None-Match: S-is-94659-1319906578198
>
>
>
> ==============================================================================
>
> I get back:
>
Calling this (1) ...
>
> ==============================================================================
> HTTP/1.0 200 OK
> Date: Mon, 31 Oct 2011 18:22:45 GMT
> Set-Cookie: JSESSIONID=05358DBC68CE264A981D34FB8322CADC; Path=/
> Powered-By: Eplica WMS 2.0 (2.0-SNAPSHOT)
> Last-Modified: Mon, 31 Oct 2011 18:22:21 GMT
> Expires: Mon, 31 Oct 2011 18:22:55 GMT
> Cache-Control: public, must-revalidate, max-age=10
> ETag: S-is-94983-1320085375761
> Content-Type: text/html;charset=UTF-8
> Content-Language: is-IS
> Vary: Accept-Encoding
> Content-Encoding: gzip
> Content-Length: 18425
> X-Cache: MISS from proxy.example.com
> Via: 1.0 proxy.example.com (squid/3.1.16)
> Connection: keep-alive
>
>
> ==============================================================================
>
Calling this (2) ...
> If I send the same request, but leave out the "If-None-Match", I get:
> HTTP/1.0 200 OK
> Date: Mon, 31 Oct 2011 18:24:10 GMT
> Powered-By: Eplica WMS 2.0 (2.0-SNAPSHOT)
> Last-Modified: Mon, 31 Oct 2011 18:23:22 GMT
> Expires: Mon, 31 Oct 2011 18:24:20 GMT
> Cache-Control: public, must-revalidate, max-age=10
> ETag: S-is-94983-1320085460159
> Content-Type: text/html;charset=UTF-8
> Content-Language: is-IS
> Vary: Accept-Encoding
> Content-Encoding: gzip
> Content-Length: 18425
> Age: 3
> X-Cache: HIT from proxy.example.com
> Via: 1.0 proxy.example.com (squid/3.1.16)
> Connection: keep-alive
>
>
> ==============================================================================
'delta' (time difference) between the two requests is 120 seconds (2
minutes).
+ Server indicates 'must-revalidate'. Always contact backend server.
+ max-age is 10 seconds. Always fetch new content if current is older
than 10 seconds.
+ origin servers object was modified 60 seconds after request (1).
So this is correct. The cached object was stale, backend had an updated
copy which got returned in full using status 200.
If-None-Match and If-Modified-Since are both "true" conditions for
these tests. Either one alone is enough to make a 200 happen.
>
> Hmm... I *think* the needed lines from squid.conf would look like,
> but please correct me if this is not enough to determine the cause:
>
> http_port 1.2.3.4:80 accel defaultsite=www.example.com vhost
> ignore-cc
The "ignore-cc" directive is there to ignore the client when it tries
to override the server Cache-Crontrol. In the above your server is
saying max-age=10 (give clients things up to 10 seconds old). But the
client is attempting to override and says max-age=0 (nothing 1 second or
older may be sent to me).
Since this is a reverse-proxy and your Squid is one of the servers for
this domain it is able to safely ignore that client max-age, and say
here is object X, its valid right now (despite being 1-10 seconds old).
In the case you detailed above, it will make Squid ignore the max-age=0
(force a reload) from the client. BUT, the server is still indicating 10
second max-age and must-revalidate. So the revalidate conditions will
still happen and possibly produce a 200.
>
> cache_peer 1.2.3.99 parent 80 0 no-query originserver name=myAccel
>
>
> Now, is there a simple(ish) way of throwing away / ignoring that
> "If-None-Match" header, or configure squid in other ways, to go to
> the
> cache, and create a HIT?
That is up to your server to respond with 304 instead of 200. When
testing conditional requests a 304 message is equivalent to a HIT in
older traffic.
As or ignoring the If-* headers. This is a very bad idea(tm)...
Consider a login script which presents exactly two "variants". One says
"Successful login". The other says "Successful logout".
The If-* values and ETag encodes which of these the client is
attempting to display so Squid and the server can override with 200 and
essentially say 'no display this instead'.
In the login example, the server would check its login/out state for
the client and allow the display or replace it. Overriding these details
and making Squid "HIT" would lead to users clicking logout buttons and
seeing "Successful login". Or the opposite; submitting login credentials
and seeing "Successful logout". Whichever one was cached at the time.
Things get very messy and confusing for both the users and yourself
when instead of a clearly visible login/logout message we begin with
things like media types and encoded stuff. Or even for one more common
example; someone's list of facebook friends.
Amos
Received on Mon Oct 31 2011 - 22:33:32 MDT
This archive was generated by hypermail 2.2.0 : Tue Nov 01 2011 - 12:00:04 MDT