[squid-users] caching issues - caching traffic from another proxy, and caching https traffic

Amos Jeffries squid3 at treenet.co.nz
Thu Nov 5 15:31:02 UTC 2015

On 5/11/2015 7:16 a.m., John Smith wrote:
> Hi,
> I'm trying to improve our cache hit ratio.  We have a fairly complicated
> layer of squid 3.10 proxies as previously detailed.
> Problem 1.  Some of the traffic is identified by domain to go to another
> layer of proxies.  I've called this proxy otherl1proxy in the squid.conf
> below.  I've noticed that this traffic is not cached at all on either set
> of proxies.   I'd like it cached at the top layer if possible because these
> will be the largest servers with the largest caches.  I've removed
> 'originserver' from the squid.conf to test but that didn't seem to help.
> Problem 2.  We are not caching any https traffic.  Is it possible to cache
> https traffic, and if so how would one do it?  As many websites are moving
> towards https for all traffic this lowers the effectiveness of cache...

Hi John,

Sorry to be the bearer of bad news. But problem #1 is another side
effect of the ELB situation. These will also come right back to the same
ELB problems, and the same multiple-ports solution.

Every time you get that NAT failure message from the last issue we
discussed, the requests in that connection will not be cacheable.

As for #2, there is SSL-bump feature in Squid. But for your current
configuration it would be extremely painful to deal with.


More information about the squid-users mailing list