[squid-users] "NF getsockopt(SO_ORIGINAL_DST)" filling cache.log due to AWS ELB healthchecks

Amos Jeffries squid3 at treenet.co.nz
Thu Oct 29 21:31:31 UTC 2015


On 30/10/2015 9:51 a.m., John Smith wrote:
> The outbound traffic from the L1proxy instance in question connects to a
> public IP / DNS name of an ELB in another AWS region.
> We need to send some traffic to a different AWS region, thus the mess below:
> 
> AWS instances (clients) ->
> AWS internal ELB for L1 proxies -> AWS L1 proxy instances ->
> a different AWS internal ELB for  L1 proxy cluster -> a different AWS L1
> proxy instance (this is where we have the problem is with 'intercept or
> transparent) ->
> *One AWS region above, a different AWS region below*
> AWS external (publicly addressable) ELB for L2 proxies in a different AWS
> region -> AWS L2 proxy instances -> the Internet
> 
> These AWS instances have both internal IPs and public IPs, and they don't
> really know about their own public IPs.  That may be part or all of the
> confusion.
> 
> AWS ELBs are published as DNS names, they have multiple IPs, and we are
> using DNS to connect to them.

Okay. I suspect I know what is going on now. Before I confuse things any
more by mentioning it...

Could you send me a wireshark trace of a small bunch of the connections
coming to Squid?  Along with the DNS name for the ELB the clients are
connecting to.

Amos



More information about the squid-users mailing list