[squid-users] delay pool not workin
Heiler Bemerguy
heiler.bemerguy at cinbesa.com.br
Fri Sep 22 15:48:53 UTC 2017
Amos, talking about delay pools, I have a question: does it work if the
content being served is on a cache peer?
I think it only "shapes" traffic from a SERVER to squid, right? not from
a peer cache to squid.. :/
I'm having problems because we use a huge Microsoft Updates repository
as a cache peer and whenever a client on a 512kbit/s link (!!!!!!!!!)
starts his box, all the link is flooded with updates from us to it.
htcp_access allow localnet
acl wu dstdom_regex \.download\.windowsupdate\.com$
acl wu-rejects dstdom_regex stats
acl GET method GET
cache_peer 10.1.10.10 parent 8081 0 proxy-only no-tproxy no-digest
no-query no-netdb-exchange name=ms1
cache_peer_access ms1 allow GET wu !wu-rejects
cache_peer_access ms1 deny all
never_direct allow GET wu !wu-rejects
never_direct deny all
cache deny wu
cache allow all
prefer_direct off
acl srcdaico src 10.71.0.0/16
delay_pools 1
delay_class 1 3
delay_access 1 allow srcdaico !dstlocal
delay_access 1 deny all
delay_parameters 1 -1/-1 -1/-1 16000/16000
--
Atenciosamente / Best Regards,
Heiler Bemerguy
Network Manager - CINBESA
55 91 98151-4894/3184-1751
Em 22/09/2017 12:12, Amos Jeffries escreveu:
> On 23/09/17 02:31, Alex Gutiérrez Martínez wrote:
>> Could someone be so kind to explain to me why my rules do not work on
>> my delays pools?
>>
> ...
>>
>> Thanks again Mr. Jeffries, i change my delay to:
>>
>> acl navegación src 192.168.9.0/24
>>
>> acl lento dstdomain "/etc/squid3/bloqueo/lento" --> .youtube.com
>>
>> acl sociales dstdomain "/etc/squid3/bloqueo/sociales" --> .linkedin.com
>>
>> acl correos dstdomain "/etc/squid3/bloqueo/correos" -->.mail.yahoo.com
>>
>> acl extensiones urlpath_regex -i
>> "/etc/squid3/bloqueo/listaextensiones" --> \.mkv$
>>
>> delay_pools 3
>>
>> #Canal 1 extensiones.
>> delay_class 1 1
>> delay_parameters 1 32768/32768
>> delay_access 1 allow extensiones !navegacion !lento !sociales !correos
>> delay_access 1 deny all
>>
>> #Canal 2 para usuarios.
>> delay_class 2 1
>> delay_parameters 2 65536/65536
>> delay_access 2 allow navegacion !lento !sociales !correos !extensiones
>> delay_access 2 deny all
>>
>> #Canal 3 para cosas lentas.
>> delay_class 3 1
>> delay_parameters 3 8192/16384
>> delay_access 3 allow lento sociales correos !navegacion !extensiones
>> delay_access 3 deny all
>>
>> But my sqstat shows the use of delay pool # 2, # 1 and # 3 are
>> disable. On youtube shows delay_pool=0.
>>
>> I put the following configuration but I was unable to make it work.
>> Again only delay pool # 2 was the only who worked this time.
>
>
> Pool #3 requires the domain name of a single transaction to
> simultaneously be *mail.yahoo.com AND *.linkedin.com AND *.youtube.com
> Obviously that is impossible, so nothing can match the line that allows.
>
> Pool #1 should match a few things. But probably not what you are
> testing with.
>
> I suggest you try to re-write your ACLs in a simpler way with less '!'
> (not) modifiers. The way you are compressing lots of things into each
> line is no faster than multiple lines, but much harder to understand
> what is going on.
>
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list