Configuration Manual
|
Squid 2.4 Stable1 Configuration Manual |
|
|
| Previous |
Tag Name |
||
Usage |
cache_peer hostname type http_port icp_port options |
|
Description This tag is used to specify the other caches in the hierarchy. Thecache_peer option is split into five fields. The first field is thehostname or IP of the cache that is to be queried. The second fieldindicates the type of relationship. The third field sets the HTTP portof the destination server, while the fourth sets the ICP (UDP) queryport. The fifth field can contain more than zero or more keywords.Here are the detailed explanations on each field. See cache_peer_access also. |
||
Hostname |
Hostname (FQDN) or IP address of the cache to be queried should bementioned. For ex, cache_peer sib1.visolve.com sibling 3128 3130 [proxy-only] cache_peer 172.16.1.100 sibling 3128 3130 [proxy-only] |
|
Type |
Here cache hierarchy should be specified. This option plays an important role in deciding neighbor selection. parent sibling multicast |
|
Http_port |
The port number where the cache listens for proxy requests. See also http_port |
|
Icp_port |
Used for querying neighbor caches about objects. To have a non-ICPneighbor specify '7' for the ICP port and make sure the neighbor machinehasthe UDP echo port enabled in its /etc/inetd.conf file. See also icp_port |
|
Options |
||
| Proxy-only |
|
To specify that objects fetched from this cache should not be saved
locally |
||
| Weight=n |
| To specify a weighted parent. The weight must be an integer. The default weight is 1, larger weights are favored more | ||
| ttl=n |
| To specify a “Time To Live” (ttl) value when sending ICP queries to multicast groups. We don’t accept ICP replies from random hosts. So you must configure other group members as peers with the ‘multicast-responder’ option below | ||
| no-query |
|
This option is set for those peers, which do not support ICP queries. Itis
obvious to have doubt about the ICP port specified in, while using thisoption. Squid doesn't care what digit has been given in the ICP port when no-query is specified.Using any number is fine. It is recommended to use 0 to emphasis the fact that ICP is not usedin any way (not even to UDP echo port 7). This might be the typical example for this option : cache_peer hostname sibling 8080 0 proxy-only no-query By default, Port 3130 is typically where an ICP-aware proxy listens for ICP packets. Port 7 is the "echo" port (see /etc/services). It is typically handled by inetd as an internal process and simply "echoes" back what has been sentit. Since option "no-query" specified, port "7" is there so that ifpeer is queried, Squid gets an answer and not declares peer as dead and therefore stop using it. Port 7 is used when Squid has a non-ICP peer but still want to query it before sending requests there (no-query not specified). In such case Squid willsend the ICP queries to port 7 which is the UDP echo port |
||
| default |
| If this is a parent cache which can be used as a “last-resort” and not ICP enabled then "default" would be the appropriate option. Simply adding default to a parent does not force all requests to be sentto that parent. The term default is perhaps a poor choice of words. If thecache is able to make direct connections, direct will be preferred over default. If needed to force all requests to parent cache(s), use the never_direct option. | ||
| round-robin |
| To define a set of parents which should be used in a round-robin fashion in the absence of any ICP queries | ||
| multicast-responder |
| Indicates that the named peer is a member of a multicast group. ICP queries will not be sent directly to the peer, but ICP replies will be accepted from it | ||
| closest-only |
| Indicates that, for ICP_OP_MISS replies, we’ll only forward CLOSEST_PARENT_MISSes and never FIRST_PARENT_MISSes | ||
| no-digest |
| To NOT request cache digests from this neighbor | ||
| no-netdb-exchange |
| It disables requesting ICMP RTT database (NetDB) from the neighbor | ||
| no-delay |
| To prevent access to this neighbor from influencing the delay pools | ||
| login=user:password |
| If this is a personal/workgroup proxy and your parent requires proxy authentication | ||
| connect-timeout=nn |
| To specify a peer specific connect timeout (also see the peer_connect_timeout directive) | ||
| digest-url=url |
| To tell Squid to fetch the cache digest (if digests are enabled) for this host from the specified URL rather than the Squid default location | ||
Usage |
none |
|
| No cache peer is defined |
Example cache_peer proxy.visolve.com parent 3128 3130 default cache_peer 172.16.1.100 sibling 3128 3130 proxy-only cache_peer 172.16.1.123 sibling 3129 5500 weight=2 |
Caution If you compiled Squid to support HTCP, your cache will automatically attempt to connect to TCP port 4827 (there is currently no option to change this port value). Cache digests are transferred via the HTTP port specified on the cache_peer line. Non-ICP neighbors must be specified as ‘parent’. |
Tag Name |
cache_peer_domain |
|
Usage |
cache_peer_domain cache_host domain [domain ...] |
|
Description This tag is used to limit the domains for which the neighbor caches will be queried. It is used to communicate with different caches depending on the domain that the request is destined for
|
||
Default |
none |
|
Example cache_peer_domain parent.foo.net .edu It has the effect such that UDP query packets are sent to 'bigserver' only when the requested object exists on a server in the .edu domain . |
||
Caution |
- |
|
Tag Name |
neighbor_type_domain |
|
Usage |
neighbor_type_domain parent|sibling domain domain ... |
|
Description Modifying the neighbor type for specific domains is now possible. You can treat some domains differently than the default neighbor type specified on the 'cache_peer' line. Normally it should only be necessary to list domains, which should be treated differently because the default neighbor type applies for hostnames, which do not match domains listed here . |
||
Default |
none |
|
|
|
||
Caution |
- |
|
Tag Name |
icp_query_timeout (msecs) |
|
Usage |
icp_query_timeout milliseconds |
|
Description Normally Squid will automatically determine an optimal ICP query timeout value based on the round-trip-time of recent ICP queries. If you want to override the value determined by Squid, set this 'icp_query_timeout' to a non-zero value . |
||
Default |
icp_query_timeout 0 |
|
|
|
||
Caution |
- |
|
Tag Name |
maximum_icp_query_timeout (msecs) |
|
Usage |
maximum_icp_query_timeout milliseconds |
|
Description Normally the ICP query timeout is determined dynamically. But sometimes it can lead to very large values (say 5 seconds). Use this option to put an upper limit on the dynamic timeout value. If 'icp_query_timeout' is set to zero, then this value is ignored . |
||
Default |
maximum_icp_query_timeout 2000 |
|
Example |
- |
|
Caution Do NOT use this option to always use a fixed (instead of a dynamic) timeout value. |
Tag Name |
mcast_icp_query_timeout (msecs) |
|
Usage |
mcast_icp_query_timeout milliseconds |
|
|
When Squidsends
out a multicast query, it will wait at most mcast_icp_query_timeout
seconds (it's perfectly possible that one day a peer will be on the
moon: and it would probably be a bad idea to peer with that cache
seriously, unless it was a parent for the Mars top-level domain.)
It's unlikely that you will want to increase this value, but youmay
wish to drop it, so that only reasonably speedy replies are considered. |
||
Default |
mcast_icp_query_timeout 2000 |
|
Example |
- |
|
Caution Do NOT use this option to always use a fixed (instead of a dynamic) timeout value. |
Tag Name |
dead_peer_timeout (secs) |
|
Usage |
dead_peer_timeout seconds |
|
|
|
||
Default |
dead_peer_timeout 10 seconds |
|
Example |
- |
|
Caution This timeout also affects when Squid expects to receive ICP replies from peers. If more than 'dead_peer' seconds have passed since thelast ICP reply was received, Squid will not expect to receive an ICPreply on the next query. Thus, if your time between requests is greaterthan this timeout, you will see a lot of requests sent DIRECT to originservers instead of to your parents. |
Tag Name |
hierarchy_stoplist |
|
Usage |
hierarchy_stoplist words |
|
Description |
||
A list of words which, if found in a URL, cause the objectto be handled directly by this cache. In other words, use this whento want to query neighbor caches for certain objects. This option can be listed multiple times. As Some times this functionality is affected by the directive never_direct, See also never_direct. |
||
Note : To include all dynamic pages in this tag is recommended.. |
||
Default |
hierarchy_stoplist cgi-bin ? |
|
| Squid will fetch URL’s containing 'cgi-bin' or '?' from the origin servers directly without communicating with cache peers. | ||
Example |
hierarchy_stoplist jsp asp |
|
| If the URL contains the words jsp and asp, which indicate dynamic pages, then Squid will not query peers for the pages and will directly request the origin server | ||
Caution |
- |
|
Tag Name |
no_cache |
|
Usage |
no_cache deny|allow aclname |
|
Description |
||
A list of ACL elements, which, if matched, cause the reply to immediately, removed from the cache. In other words, use this to force certain objects to never be cached |
||
Default acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY The word 'DENY' is to indicate the ACL names, which should NOT be cached |
||
Example acl DENYPAGE urlpath_regex Servlet no_cache deny DENYPAGE The DENYPAGE acl assures that the url containing Servlet will NOT be cached |
||
Caution It is recommended to use this directive effectively. |
||