| Robert Collins 2004-02-28, 6:33 pm |
| On Sun, 2004-02-29 at 09:16, Marc Haber wrote:
> On Sun, 29 Feb 2004 08:55:02 +1100, Robert Collins
>
> Unfortunately, squid and me share a mutual dislike. How can I tune
> this behavior?
>
> Practice shows that a squid installed from a Debian package frequently
> doesn't even send out a request to the original server.
What version?
see refresh_pattern for the 'default heuristics'.
the default pattern (which will match http in the default config) is:
refresh_pattern . 0 20% 4320
thats in minutes - so between 0 and 72 hours. This only applies to
objects without expiry metadata. The 20% is the 'fresh period' and
applies to the objects age.
I.e. if a Packages file is updated a 0:00 on the 24/2/04, then a request
a 0500 on the 25/2/04 will give squid an object with age 0. Requests
until ~ 0600 will be be satisfied with no verification. After that,
verification will occur.
For a packages file that updates daily, the worst case scenario is:
- a squid retrieves it when it was last modified 23:59 hours ago.
- clients making requests to that squid will not be given the new
packages file for (1 day / 5) 4 hours 48 minutes.
If you add max-age=0, then every single request will validate to the
upstream, but will be given 304 results, so the overhead is (relatively)
minimal.
Likewise, if a maximum latency on Packages files is (say) 1 hour, use
max-age=3600
What I suggest is that for security.debian.org, use max-age=0. For other
sites, use max-age=3600.
Perhaps a keyword in sources.list ?
Rob
--
GPG key available at: <http://www.robertcollins.net/keys.txt>.
|