[squid-users] Strange Interaction between Squid and Facebook

Patrick Blair - Peapod patrick.blair at ahold.com
Thu Oct 29 23:35:13 UTC 2015


Hi Amos,

I ran squid with those debug options you indicated and here is the output
for requesting https://www.facebook.com and
https://www.facebook.com/PeapodDelivers/

access.log
1446160994.160    471 10.1.99.147 TCP_MISS/200 3628 CONNECT
api.ip2info.org:443 pblair HIER_DIRECT/178.63.49.5 -
1446160998.706     76 10.1.99.147 TCP_MISS/200 3197 CONNECT
static.xx.fbcdn.net:443 - HIER_DIRECT/31.13.74.7 -
1446160998.713     57 10.1.99.147 TCP_MISS/200 3198 CONNECT
static.xx.fbcdn.net:443 - HIER_DIRECT/31.13.74.7 -
1446160998.795     48 10.1.99.147 TCP_MISS/200 3198 CONNECT
scontent.xx.fbcdn.net:443 - HIER_DIRECT/31.13.74.7 -
1446160998.863     25 10.1.99.147 TCP_MISS/200 2074 POST
http://vassg142.ocsp.omniroot.com/ - HIER_DIRECT/96.17.10.89
application/ocsp-response
1446160999.000     61 10.1.99.147 TCP_MISS/200 3198 CONNECT
static.xx.fbcdn.net:443 - HIER_DIRECT/31.13.74.7 -
1446161028.891  30142 10.1.99.147 TCP_MISS/200 8547 CONNECT
fbcdn-dragon-a.akamaihd.net:443 - HIER_DIRECT/96.17.10.18 -
1446161033.696  59489 10.1.99.147 TCP_MISS/200 4953 CONNECT
play.google.com:443 - HIER_DIRECT/74.125.196.100 -
1446161042.680  64997 10.1.99.147 TCP_MISS/200 23601 CONNECT
mail.google.com:443 - HIER_DIRECT/74.125.21.17 -
1446161049.265    519 10.1.99.147 TCP_MISS/200 688 CONNECT
api.ip2info.org:443 pblair HIER_DIRECT/178.63.49.5 -
1446161082.351     48 10.1.99.147 TCP_MISS/200 3198 CONNECT
static.xx.fbcdn.net:443 - HIER_DIRECT/31.13.74.7 -
1446161091.418  58753 10.1.99.147 TCP_MISS/200 5520 CONNECT
plus.google.com:443 - HIER_DIRECT/74.125.21.139 -
1446161109.247    502 10.1.99.147 TCP_MISS/200 3628 CONNECT
api.ip2info.org:443

cache.log
2015/10/29 18:22:49 kid1| Starting Squid Cache version 3.3.8 for
x86_64-redhat-linux-gnu...
2015/10/29 18:23:13 kid1| Starting new basicauthenticator helpers...
2015/10/29 18:23:18.853 kid1| forward.cc(317) Start: '
http://vassg142.ocsp.omniroot.com/'
2015/10/29 18:23:18.853 kid1| forward.cc(121) FwdState: Forwarding client
request local=10.46.128.68:10000 remote=10.1.99.147:61616 FD 22 flags=1,
url=http://vassg142.ocsp.omniroot.com/
2015/10/29 18:23:18.853 kid1| forward.cc(368) startConnectionOrFail:
http://vassg142.ocsp.omniroot.com/
2015/10/29 18:23:18.853 kid1| forward.cc(936) connectStart:
fwdConnectStart: http://vassg142.ocsp.omniroot.com/
2015/10/29 18:23:18.853 kid1| forward.cc(1058) connectStart:
fwdConnectStart: got outgoing addr 0.0.0.0, tos 0, netfilter mark 0
2015/10/29 18:23:18.854 kid1| AsyncCall.cc(18) AsyncCall: The AsyncCall
fwdConnectDoneWrapper constructed, this=0x7f053becf100 [call619]
2015/10/29 18:23:18.857 kid1| AsyncCall.cc(85) ScheduleCall:
ConnOpener.cc(132) will call fwdConnectDoneWrapper(local=10.46.128.68:41365
remote=96.17.10.89:80 FD 23 flags=1, data=0x7f053becef68) [call619]
2015/10/29 18:23:18.857 kid1| AsyncCallQueue.cc(51) fireNext: entering
fwdConnectDoneWrapper(local=10.46.128.68:41365 remote=96.17.10.89:80 FD 23
flags=1, data=0x7f053becef68)
2015/10/29 18:23:18.857 kid1| AsyncCall.cc(30) make: make call
fwdConnectDoneWrapper [call619]
2015/10/29 18:23:18.857 kid1| forward.cc(883) connectDone: local=
10.46.128.68:41365 remote=96.17.10.89:80 FD 23 flags=1: '
http://vassg142.ocsp.omniroot.com/'
2015/10/29 18:23:18.857 kid1| forward.cc(1074) dispatch: local=
10.46.128.68:10000 remote=10.1.99.147:61616 FD 22 flags=1: Fetching 'POST
http://vassg142.ocsp.omniroot.com/'
2015/10/29 18:23:18.857 kid1| AsyncCallQueue.cc(53) fireNext: leaving
fwdConnectDoneWrapper(local=10.46.128.68:41365 remote=96.17.10.89:80 FD 23
flags=1, data=0x7f053becef68)
2015/10/29 18:23:18.863 kid1| forward.cc(426) unregister:
http://vassg142.ocsp.omniroot.com/
2015/10/29 18:23:18.863 kid1| forward.cc(451) complete:
http://vassg142.ocsp.omniroot.com/
        status 200
2015/10/29 18:23:18.863 kid1| forward.cc(1212) reforward:
http://vassg142.ocsp.omniroot.com/?
2015/10/29 18:23:18.863 kid1| forward.cc(1215) reforward: No,
ENTRY_FWD_HDR_WAIT isn't set
2015/10/29 18:23:18.863 kid1| forward.cc(475) complete: server (FD closed)
not re-forwarding status 200
2015/10/29 18:23:18.863 kid1| forward.cc(248) ~FwdState: FwdState
destructor starting
2015/10/29 18:23:18.863 kid1| AsyncCall.cc(48) cancel: will not call
fwdConnectDoneWrapper [call619] because FwdState destructed
2015/10/29 18:23:18.863 kid1| forward.cc(278) ~FwdState: FwdState
destructor done

It doesn't look like it's showing anything for the facebook request, just
the ocsp one.

I forgot to mention as well in my earlier reply, we have the proxy
listening over port 10000 if that makes a difference.

For your question:

> Is it breaking only when Squid is in the "other" datacenter from the
> client(s) ?

Not sure if I answered that completely. Clients that are "local" to that
datacenter and not local to it have the same response, however I have been
making my tests from the same location.

Thanks again for your response, please let me know if I can provide any
further information.

Pat Blair
Sr. Unix Administrator
Peapod, LLC
pblair at peapod.com

-- 
This email and any attachments may contain information that is proprietary,
confidential and/or privileged and for the sole use of the intended 
recipients(s)
only.
If you are not the intended recipient, please notify the sender by return
email and delete all copies of this email and any attachments. Ahold and/or 
its
subsidiaries shall neither be liable for the inaccurate or incomplete 
transmission
of the information contained in this email or any attachments, nor for any 
delay
in its receipt. To the extent this email is intended to create any legal 
obligation,
the obligation shall bind only the contracting entity and not any other 
entity within
the Ahold Group.

-- 
This email and any attachments may contain information that is proprietary,
confidential and/or privileged and for the sole use of the intended 
recipients(s)
only.
If you are not the intended recipient, please notify the sender by return
email and delete all copies of this email and any attachments. Ahold and/or 
its
subsidiaries shall neither be liable for the inaccurate or incomplete 
transmission
of the information contained in this email or any attachments, nor for any 
delay
in its receipt. To the extent this email is intended to create any legal 
obligation,
the obligation shall bind only the contracting entity and not any other 
entity within
the Ahold Group.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151029/d144c339/attachment-0001.html>


More information about the squid-users mailing list