On 9/08/2013 12:28 p.m., Golden Shadow wrote:
Hello there!
I installed a TPROXY squid V3.3.7 for a client who originally had an intercept
squid V2.7.STABLE9. The request hit ratio of the old squid server is around 35%
and byte hit ratio is around 10%. For some reason, the client wanted to keep
the original squid server, but he connected it to the new TPROXY as an upstream
cache server along with some new small subnets. At first the request hit ratio
of the new TPROXY was around 1%, which is extremely low. I thought that was
because the cache did not have enough content. Now that the cache of the new
TPROXY server has around 1.2 TB of data, the request hit ratio is still very
low, around 1.5% and byte hit ratio is around 2%. This time, I thought this
very low hit ratio is just due to the fact that the old squid server would also
cache any content that the new squid would cache, and thus there would not be
any hits to the cached content on the new squid server. Therefore, I asked my
client to redirect all traffic
to the new TPROXY server directly, I was disappointed to see that request hit
ratio did not exceed 5% and byte hit ratio did not exceed 7%, although I set
the maximum cacheable object size on the new squid to be 512 MB, which is quite
large!
Do you have any idea about what could be going on? Do you think if we keep all
the traffic redirected to the new TPROXY server, the hit ratio would increase
after some time?
Sorry. I was away when this was posted and meant to come back to this...
If you enable access.log does it show a lot of ORIGINAL_DST server types
being contacted? That indicates that the Host header security checks are
detecting possible forgery attacks and preventing the responses being
cached.
Just in case you would need to look at the configuration of the new squid, it
is pasted below. It is running on a Dell server with 2 X 2.7 GHz CPUs, each
with 12 cores. Physical memory is 192 GB. I got the refresh patterns from a
friend of mine, I think it's not optimized, and I hate to use things like
(override-expire ignore-reload ignore-private ignore-auth) but I just wanted
to try everything to improve the extremely low hit ratio.
Do you recommend some refresh patterns that are available online?
None from me. Except the default cgi-bin pattern should be:
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
Amos
