ROS4.5 clearing webproxy cache almost immediately

Pada · January 23, 2010, 8:31pm

Hi,

I’ve installed RouterOS 4.5 in VirtualBox and I’ve redirected dst port 80 (TCP) to 8080 (my transparent web proxy). The proxy is working fine, but for some reason the cache is cleared almost immediately. When looking at the cache status, it would go to like 200kB (the size of the image that I downloaded) and then a few seconds later it would be 0kB again.
In the Cache Contents tab (in WinBox), the URI field is blank!

My setup is like follow:

clients connect to the PPTP Server on 192.168.1.50, which assigns them a 192.168.3.* IP
it should NAT all 192.168.0.0/16 src IP addresses to the Internet

Here’s a shortened version of my config:

# jan/24/2010 00:20:34 by RouterOS 4.5
/interface ethernet
set 0 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
    disable-running-check=yes disabled=no full-duplex=yes mac-address=\
    08:00:27:28:ED:46 mtu=1500 name=ether1 speed=100Mbps
/interface pptp-server
add comment="" disabled=no name=pptp-server user=admin
/ip pool
add name=pool-pada ranges=192.168.3.8/30
/ppp profile
set default change-tcp-mss=yes comment="" name=default only-one=default \
    use-compression=default use-encryption=default use-vj-compression=default
add change-tcp-mss=default comment="" local-address=192.168.3.1 name=\
    pptp-encryption-pada only-one=default remote-address=pool-pada \
    use-compression=default use-encryption=required use-vj-compression=\
    default
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
    no
/interface pptp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=pptp-encryption \
    enabled=yes keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/ip address
add address=192.168.1.50/24 broadcast=192.168.1.255 comment="added by setup" \
    disabled=no interface=ether1 network=192.168.1.0
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
    tcp-close-wait-timeout=10s tcp-established-timeout=1d \
    tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
    tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
    tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
/ip firewall nat
add action=redirect chain=dstnat comment="" disabled=no dst-port=80 protocol=\
    tcp src-address=192.168.0.0/16 to-ports=8080
add action=masquerade chain=srcnat comment="" disabled=no out-interface=\
    ether1 src-address=192.168.0.0/16
/ip proxy
set always-from-cache=yes cache-administrator="Pada" cache-hit-dscp=\
    4 cache-on-disk=yes enabled=yes max-cache-size=unlimited \
    max-client-connections=600 max-fresh-time=3d max-server-connections=600 \
    parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=\
    no src-address=0.0.0.0
/ip proxy access
add action=deny comment="block telnet & spam e-mail relaying" disabled=no \
    dst-port=23-25
add action=deny comment=\
    "allow CONNECT only to SSL ports 443 [https] and 563 [snews]" disabled=\
    yes dst-port=!443,563
/ip proxy cache
add action=allow comment="" disabled=no dst-port=80
/ip route
add comment="added by setup" disabled=no distance=1 dst-address=0.0.0.0/0 \
    gateway=192.168.1.100 scope=30 target-scope=10
/ppp secret
add caller-id="" comment="" disabled=no limit-bytes-in=0 limit-bytes-out=0 \
    name=pada profile=pptp-encryption-pada routes="" service=pptp
/store
add comment="" disabled=no disk=primary-master name=user-manager1 type=\
    user-manager
add comment="" disabled=no disk=primary-master name=web-proxy1 type=web-proxy
/system hardware
set multi-cpu=yes
/system health
set state-after-reboot=enabled
/system identity
set name=MikroTik
/system logging
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical

Edit:
I’ve checked, the Cache tab too and the # of hits does increment!

Here is someone else’s thread that seems similar: http://forum.mikrotik.com/t/routeros-web-proxy/32207/1

sergejs · January 28, 2010, 2:52pm

What is the disk space of your proxy router?

Pada · January 28, 2010, 9:29pm

I have it configured to dynamically adjust up to 5GB.

Is it some kind of 32bit error that would restrict ROS from working with any size larger than 4GB?

sergejs · February 1, 2010, 1:09pm

No, there is not. I have proxy, which is working fine with big hard drive 160Gb (if I’m not mistaken).
What is shown in /ip proxy monitor?

Pada · February 1, 2010, 3:30pm

OK, I’ll have a look at /ip proxy monitor when I’m back from work.

Pada · February 1, 2010, 6:47pm

I’m not sure what I should be looking for here

                 status: running
                 uptime: 2m37s
               requests: 32
                   hits: 0
             cache-used: 0KiB
         total-ram-used: 243KiB
  received-from-servers: 376KiB
        sent-to-clients: 376KiB
   hits-sent-to-clients: 0KiB

Its still showing a a single entry with an empty URI under /ip proxy cache-contents
The size of the cache is always the size of the last item. So if the item can’t be cached, then the cache-used resets to 0, I suppose.

I know this isn’t what I’ve started the thread for, but I have a RB750 running with a transparent proxy too, and I can’t set the ‘max-cache-size’ when the ‘cache-on-disk=no’. It’s also running ROS4.5 ! As soon as I set the ‘cache-on-disk=no’, it sets the ‘max-cache-size’ to ‘none’.

sergejs · February 2, 2010, 6:00pm

Is there any improvement, when you set specific value to max-cache-limit instead of unlimited?

Pada · February 2, 2010, 10:27pm

No, I have tried numerous values for the max-cache-size, and it immediately resets it to ‘none’.

I’m guessing that it has to be some kind of setting that I’m using that is causing the web proxy not to cache?! I’ve downgraded the ROS4.5 in the VirtualMachine to 3.30 and its also clearing the cache/showing a blank URI.