[squid-users] Spliced domains tunnel connect is very slow
Ben Goz
ben.goz87 at gmail.com
Wed Oct 18 12:21:13 UTC 2023
By the help of God.
Hi,
I saw in my access log a traces that shows that spliced URLs tunneling is
very slowly:
18/Oct/2023:15:18:50 +0300 240841 192.168.3.98 TCP_TUNNEL/200 6225 CONNECT
beacons2.gvt2.com:443 - HIER_DIRECT/172.217.0.67 - beacons2.gvt2.com -
splice -
18/Oct/2023:15:18:50 +0300 680 192.168.3.173 TCP_TUNNEL/500 4977 CONNECT
mobile.events.data.microsoft.com:443 - HIER_DIRECT/13.89.178.26 -
mobile.events.data.microsoft.com - splice -
18/Oct/2023:15:18:51 +0300 127307 192.168.3.97 TCP_TUNNEL/500 3101 CONNECT
array612.prod.do.dsp.mp.microsoft.com:443 - HIER_DIRECT/20.54.24.148 -
array612.prod.do.dsp.mp.microsoft.com - splice -
18/Oct/2023:15:18:51 +0300 741 192.168.3.73 TCP_TUNNEL/200 4978 CONNECT
v10.events.data.microsoft.com:443 - HIER_DIRECT/52.182.143.211 -
v10.events.data.microsoft.com - splice -
18/Oct/2023:15:18:51 +0300 1 192.168.84.150 NONE_NONE/000 0 CONNECT
104.46.162.224:443 - HIER_NONE/- - v10.vortex-win.data.microsoft.com -
splice -
18/Oct/2023:15:18:51 +0300 956 192.168.2.78 TCP_TUNNEL/200 4979 CONNECT
v10.events.data.microsoft.com:443 - HIER_DIRECT/52.182.143.211 -
v10.events.data.microsoft.com - splice -
18/Oct/2023:15:18:51 +0300 156658 192.168.3.110 TCP_TUNNEL/200 2293 CONNECT
ssl.gstatic.com:443 - HIER_DIRECT/172.217.22.35 - ssl.gstatic.com - splice -
18/Oct/2023:15:18:51 +0300 251723 192.168.3.110 TCP_TUNNEL/200 4428 CONNECT
ssl.gstatic.com:443 - HIER_DIRECT/142.251.142.195 - ssl.gstatic.com -
splice -
18/Oct/2023:15:18:51 +0300 165983 192.168.3.110 TCP_TUNNEL/200 5572 CONNECT
clientservices.googleapis.com:443 - HIER_DIRECT/172.217.22.99 -
clientservices.googleapis.com - splice -
This is my squid configurations:
acl NoSSLInterceptRegexp_always ssl::server_name --client-requested
"/usr/local/squid/etc/splice.list"
acl alwaysBump ssl::server_name --client-requested storage.googleapis.com
youtubei.googleapis.com www.eset.com eset.com safebrowsing.googleapis.com
play.google.com
on_unsupported_protocol tunnel
acl DiscoverSNIHost at_step SslBump1
ssl_bump peek DiscoverSNIHost
ssl_bump bump alwaysBump - Used to bumd certain subdomains before the
whole domain is bumped.
ssl_bump splice NoSSLInterceptRegexp_always
ssl_bump stare all
Other CONNECT requests are served noramly.
Is this issue could be a root cause for the generally slow internet?
Thanks,
Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20231018/d8f35a1f/attachment.htm>
More information about the squid-users
mailing list