[squid-users] Squid transparent not caching apt requests from deb.debian.org
zrm
zrm at trustiosity.com
Fri Apr 3 20:26:13 UTC 2020
Greetings! Today I bring you a Squid cache mystery.
I configured a simple transparent proxy to cache package downloads for
Debian, using Squid on Debian 10. When apt clients download packages
from deb.debian.org, Squid says TCP_MISS, downloads the package, and
then doesn't cache it. The mystery is, why not.
It caches other requests by other applications. It caches other requests
by apt -- packages from security.debian.org get cached. It caches
requests for deb.debian.org when the client is not apt -- using wget or
curl on the same URL causes it to be cached, as does pasting the HTTP
request into netcat. The same HTTP request that apt sends. I checked the
packets with WireShark and the TCP payload for the request is byte for
byte identical, but when apt does it, it isn't cached. I'm not sure how
it's even distinguishing the requests in order to behave differently.
These are the changes from the default squid.conf packaged with Debian 10:
http_access allow localnet
http_port 3130
http_port 3128 intercept
maximum_object_size_in_memory 4 MB
Here are repeated requests using "apt remove -y vim;apt install vim",
access.log:
1585891724.223 560 192.168.111.55 TCP_MISS/200 1281195 GET
http://deb.debian.org/debian/pool/main/v/vim/vim_8.1.0875-5_amd64.deb -
ORIGINAL_DST/199.232.64.204 application/x-debian-package
1585891726.697 277 192.168.111.55 TCP_MISS/200 1281195 GET
http://deb.debian.org/debian/pool/main/v/vim/vim_8.1.0875-5_amd64.deb -
ORIGINAL_DST/199.232.64.204 application/x-debian-package
store.log:
1585891535.154 RELEASE -1 FFFFFFFF 04000000000000001712000001000000 200
1585891535 1560620795 1588483535 application/x-debian-package
1280476/1280476 GET
http://deb.debian.org/debian/pool/main/v/vim/vim_8.1.0875-5_amd64.deb
1585891724.223 RELEASE -1 FFFFFFFF 05000000000000001712000001000000 200
1585891723 1560620795 1588483723 application/x-debian-package
1280476/1280476 GET
http://deb.debian.org/debian/pool/main/v/vim/vim_8.1.0875-5_amd64.deb
But here are repeated requests for the same url using wget, access.log:
1585891729.700 433 192.168.111.55 TCP_MISS/200 1281195 GET
http://deb.debian.org/debian/pool/main/v/vim/vim_8.1.0875-5_amd64.deb -
ORIGINAL_DST/199.232.66.133 application/x-debian-package
1585891731.089 70 192.168.111.55 TCP_REFRESH_UNMODIFIED/200 1281232
GET
http://deb.debian.org/debian/pool/main/v/vim/vim_8.1.0875-5_amd64.deb -
ORIGINAL_DST/199.232.66.133 application/x-debian-package
store.log:
1585891726.697 RELEASE -1 FFFFFFFF 06000000000000001712000001000000 200
1585891726 1560620795 1588483726 application/x-debian-package
1280476/1280476 GET
http://deb.debian.org/debian/pool/main/v/vim/vim_8.1.0875-5_amd64.deb
1585891731.047 RELEASE -1 FFFFFFFF 08000000000000001712000001000000 304
1585891731 -1 1588483731 unknown -1/-293 GET
http://deb.debian.org/debian/pool/main/v/vim/vim_8.1.0875-5_amd64.deb
In the first case we get TCP_MISS every time because it isn't caching
the data, in the second case it's only the first time and after that we
get TCP_REFRESH_UNMODIFIED. But how and why is this happening?
More information about the squid-users
mailing list