[squid-users] Use ICP RTT with HTTPS request
Théo BARRAGUE
Theo.BARRAGUE.ext at boursorama.fr
Fri Sep 23 14:30:35 UTC 2022
Hello,
I'm trying to setup ICP exchange with HTTPS request.
With my current setup (no ssl bumping) I can't use ICP for cache but it may be possible for RTT.
My goal is to use the closest parent to establish the connection.
My configuration look like :
cache_peer 127.0.0.1 parent 3129 3131 no-digest proxy-only name=same-server
cache_peer_access same-server allow all
cache_peer w.x.y.z parent 3129 3131 no-digest proxy-only name=pair-server
cache_peer_access pair-server allow all
query_icmp on
never_direct allow all
It works great for http, when I curl for the first time i got that :
same-server
Network recv/sent RTT Hops Hostnames
142.251.40.0 1/ 1 121.0 14.0 www.google.fr
pair-server
Network recv/sent RTT Hops Hostnames
172.253.122.0 1/ 1 94.0 23.0 www.google.fr<http://www.google.fr>
Next requests will go through pair-server, example :
same-server
Network recv/sent RTT Hops Hostnames
142.251.40.0 1/ 1 121.0 14.0 www.google.fr
pair-server
Network recv/sent RTT Hops Hostnames
172.253.122.0 10/ 10 93.1 23.0 www.google.fr<http://www.google.fr>
But for HTTPS, squid is able to determine hostname and network but doesn't care about RTT sharing :
same-server
Network recv/sent RTT Hops Hostnames
149.202.190.0 10/ 1 6.0 15.0 api.gouv.fr
pair-server
Network recv/sent RTT Hops Hostnames
Even if I force a request though the pair-server to initiate NetDB, ICP not used.
How can I say "please, use ICP for RTT sharing like you did with HTTP" ?
Best regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20220923/b65ed6e9/attachment.htm>
More information about the squid-users
mailing list