[squid-users] odd wccp issue affecting only some web servers
Amos Jeffries
squid3 at treenet.co.nz
Fri Dec 5 01:22:18 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 5/12/2014 6:58 a.m., Jason Haar wrote:
> Hi there
>
> We have CentOS-6 squid-3.1.10-29 servers that are configured for
> WCCP. They are working - for some web sites. eg "www.slashdot.org"
> works (216.34.181.48), but "slashdot.org" doesn't (216.34.181.45).
> Those are both on the same Class-C subnet.
"Class-C" ? ... oh right, that netmask thing they used to have before
1996. ;-P
>
> What I see is the SYN packet being forwarded for both from our
> Cisco kit to the Linux "wccp0" interface, but only the
> "www.slashdot.org" one leads to squid connecting to that website.
> The other just stops. I can't tell if this is a fault in iptables
> forwarding one and not the other to squid, or a problem with squid
> - but iptables has the easier job so it shouldn't be in there.
> (obviously we don't do any kind of weird, "partial" transparent
> proxy - the iptables rule is to pass all port 80 traffic to squid).
> Also both websites work fine through squid if you use it as a
> normal proxy
>
> Any ideas how to diagnose this, or is this a "that was fixed in a
> newer version that your OS vendor doesn't support" kind of problem
> ;-)
>
One is a HIT the other a MISS?
Squid ACLs?
TCP connection issue?
I suggest finding out what happens to the TCP DATA packets that follow
the SYN. There might be some clues in there, particularly if its a TCP
issue like path-MTU, ECN or Window scaling.
Whether its fixed in a new version is a "maybe". Upgrade and see?
Squid might be trying IPv6 to contact slashdot.org (thus bypassing
your viewing), but it has no AAAA records when I resolve it. So that
is unlikely.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUgQjKAAoJELJo5wb/XPRjckgH/Am25yCkoC6hGF/ghVdwDi7C
ZkvoEmBSHBVSHt7SheScKwuymQxgghtj02veX6y6oEkHSycyhNJfTPW4XXTpYmqf
eMWo+Wqz10U3rc/fcpdz9OuCk76rq/fmnozGcKuG5F5g0oue+SPsPFOzPBt8D1GB
KIwkZKl9aKKfO0BatTMdGnnpP+NH3WB92SgNVW8G21QXvIRh4r5LSDzRa8VF5oTG
dEoFAS/aYMOyLOOZDYMx0LXCuMIJ865+Wle912N9vN6vugK5g1h89RAPtLJ2vPFt
yxP/IH3+zJQLtWj1gV+xgKWpDc3k0+sGzaQcs0j85izm8b93XCWF1SU774c455k=
=QsO6
-----END PGP SIGNATURE-----
More information about the squid-users
mailing list