> Hi,
>
> I have some hosts that use one squid-1 server that has a squid-2 parent:
>
> I mean squid-1 has:
>
> cache_peer parent.domain parent 8080 3130
>
>
> But some sites are unaccessible, in special those sites with url having an
> "?"
>
> for example:
>
> 1242674301.146 104 10.128.255.189 TCP_MISS/503 1415 GET
> http://ar.yahoo.com/? - DIRECT/209.191.93.55 text/html
>
You will get a better trace of these without stripping the query string.
http://www.squid-cache.org/Doc/config/strip_query_terms/
>
> and browser shows:
>
> Error
> The requested URL could not be retrieved
>
> While trying to retrieve the URL http://ar.yahoo.com/?
>
> The following error was encountered:
>
> *Connection to 209.191.93.55
>
> The system returned:
>
> (111) Connectio0n refused
>
>
> Also, On the squid-1 iptables are doing REDIRECT.
>
> Please could you tell me what's wrong?
By default dynamic pages cannot be trusted through peers. Squid up until
very recently added no-cache to peer requests (IIRC), which screws up the
bandwidth savings. So while its safe enough to turn on caching of dynamic
pages it's still a sticky issue if they pass through peers.
http://www.squid-cache.org/Doc/config/hierarchy_stoplist/
Your trace shows Squid-1 is not using the squid-2 as a source, its just
trying to go there DIRECTly. And the source is actively doing a TCP level
reset/denial.
Amos
Received on Tue May 19 2009 - 03:08:48 MDT
This archive was generated by hypermail 2.2.0 : Wed May 20 2009 - 12:00:02 MDT