[squid-users] Delay pools in squid4 not working with https

[Eliezer Croitoru]

Just to mention QUIC related wiki links:
- https://wiki.squid-cache.org/KnowledgeBase/Block%20QUIC%20protocol?highlight=%28QUIC%29
- https://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2?highlight=%28QUIC%29#QUIC.2FSPDY_protocol_blocking

Eliezer

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il



-----Original Message-----
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Amos Jeffries
Sent: Wednesday, July 11, 2018 12:35 AM
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Delay pools in squid4 not working with https

On 11/07/18 07:50, Paolo Marzari wrote:
> My home server just updated from 3.5.27, everything is working fine, 
> but delay pools seems broken to me.
> I capped some devices to 240kb/s and tried to download a debian ISO 
> with one of them...all good, 240kb/s.
> Then I tried a speed test, results = 2.2mb/s, that's the whole ADSL speed.
> 
> So I tried youtube videos, no cap at all, same problem with facebook.
> Revert to 3.5.27 and delays works again with every type of traffic.
> 
> I think there's something wrong with https traffic.
> 

a) is it actually HTTPS traffic?

b) are the bytes going through the proxy 2.2Mbps or 240kbps ?

I ask because Google/YouTube and Facebook are services using HTTP/2 with high compression features as much as possible. So while the proxy is set to transfer X bytes per second, when hidden inside "HTTPS" those X bytes may show up as 90*X bytes of traffic when decompressed by a Browser.

Or the transfer may be QUIC protocol, completely bypassing the HTTP the proxy is counting.

Amos
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users