[squid-users] TCP_TUNNEL_ABORTED/200 with spliced windows updates
Ahmad, Sarfaraz
Sarfaraz.Ahmad at deshaw.com
Mon May 14 08:59:19 UTC 2018
Hi Folks,
I am using WCCP and redirecting traffic to Squid for both HTTP/HTTPS interception.
In this setup, I have spliced most of the Windows updates's services using SNI in squid's acls. Yet even with TCP tunnel, I am getting failures with these messages in the accesslog.
Why could that response time be so high and is that causing the client to close the connection ? When I take the proxy out of the picture(no redirection through WCCP) the updates run just fine.
1526277713.535 119962 10.240.167.24 TCP_TUNNEL_ABORTED/200 3898 CONNECT sls.update.microsoft.com:443<http://sls.update.microsoft.com:443/> - ORIGINAL_DST/13.78.168.230<http://13.78.168.230/> -
1526277833.538 119735 10.240.167.24 TCP_TUNNEL_ABORTED/200 3898 CONNECT sls.update.microsoft.com:443<http://sls.update.microsoft.com:443/> - ORIGINAL_DST/52.229.171.202<http://52.229.171.202/> -
1526277953.501 119808 10.240.167.24 TCP_TUNNEL_ABORTED/200 3898 CONNECT sls.update.microsoft.com:443<http://sls.update.microsoft.com:443/> - ORIGINAL_DST/52.229.171.202<http://52.229.171.202/> -
Any inputs are welcome.
Regards,
Sarfaraz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180514/c4572316/attachment.html>
More information about the squid-users
mailing list