[squid-users] TCP_TUNNEL/500 internal server error bandwidth impact
Alex Rousskov
rousskov at measurement-factory.com
Wed Sep 27 17:39:50 UTC 2023
On 2023-09-27 09:30, Marko Cupać wrote:
> 1695680000.912 69973 10.X.X.X TCP_TUNNEL/500 8503669 CONNECT ipv4-c002-beg001-oriontelekom-isp.1.oca.nflxvideo.net:443 some.gal HIER_DIRECT/93.93.192.146 -
> 1695679277.395 876830 10.X.X.X TCP_TUNNEL/500 105991027 CONNECT rostov1.nebula.to:443 some.guy HIER_DIRECT/37.48.76.251 -
> 1695710735.004 271 10.X.X.X TCP_TUNNEL/500 10076 CONNECT nav.smartscreen.microsoft.com:443 some.guy HIER_DIRECT/51.104.176.40 -
> 1695710735.117 35652 10.X.X.X TCP_TUNNEL/500 6696 CONNECT g.live.com:443 some.gal HIER_DIRECT/68.219.88.225 -
> 1695710735.228 126910 10.X.X.X TCP_TUNNEL/500 6831 CONNECT enterprise-eudb.activity.windows.com:443 some.otherguy HIER_DIRECT/40.118.94.234 -
> 1695710735.343 218 10.X.X.X TCP_TUNNEL/500 7854 CONNECT smartscreen.microsoft.com:443 some.othergal HIER_DIRECT/51.104.176.40 -
> 1695710735.668 125756 10.X.X.X TCP_TUNNEL/500 997 CONNECT teams.microsoft.com:443 - HIER_DIRECT/52.123.129.14 -
>
> Are these really remote server errors?
Most likely, your Squid is suffering from Squid bug #5274:
https://bugs.squid-cache.org/show_bug.cgi?id=5274
If it is suffering from that bug, then the answer to your question is
most likely "no" -- most of these TCP_TUNNEL/500 entries, especially
those that last for a long time and transfer a lot of bytes, probably
correspond to regular tunneled/spliced TLS connections rather than
server errors.
HTH,
Alex.
More information about the squid-users
mailing list