On Sun, 2004-02-29 at 09:16, Marc Haber wrote: > On Sun, 29 Feb 2004 08:55:02 +1100, Robert Collins > >Thats incorrect. max-age tells squid it MUST revalidate entities with an > >age >= the max-age value. If squid considers an entity stale it will > >revalidate it regardless - and your local squid config can tune when > >this occurs. > > Unfortunately, squid and me share a mutual dislike. How can I tune > this behavior? > > Practice shows that a squid installed from a Debian package frequently > doesn't even send out a request to the original server. What version? see refresh_pattern for the 'default heuristics'. the default pattern (which will match http in the default config) is: refresh_pattern . 0 20% 4320 thats in minutes - so between 0 and 72 hours. This only applies to objects without expiry metadata. The 20% is the 'fresh period' and applies to the objects age. I.e. if a Packages file is updated a 0:00 on the 24/2/04, then a request a 0500 on the 25/2/04 will give squid an object with age 0. Requests until ~ 0600 will be be satisfied with no verification. After that, verification will occur. For a packages file that updates daily, the worst case scenario is: - a squid retrieves it when it was last modified 23:59 hours ago. - clients making requests to that squid will not be given the new packages file for (1 day / 5) 4 hours 48 minutes. If you add max-age=0, then every single request will validate to the upstream, but will be given 304 results, so the overhead is (relatively) minimal. Likewise, if a maximum latency on Packages files is (say) 1 hour, use max-age=3600 What I suggest is that for security.debian.org, use max-age=0. For other sites, use max-age=3600. Perhaps a keyword in sources.list ? Rob -- GPG key available at: <http://www.robertcollins.net/keys.txt>.
Attachment:
signature.asc
Description: This is a digitally signed message part