[squid-users] SQUID problem with unavailability of Google services

A. Pechenin alexmrrc at gmail.com
Sun Dec 22 06:38:02 UTC 2024


No, ssl_bump is not used in any form in Squid; I intentionally reproduced
the problem on the default configuration file.

In access.log I do not observe any questionable recordings when reproducing
the problem:
acl hasRequest has request
access_log daemon:/var/log/squid/access.log squid hasRequest

TCP_TUNNEL/200 39 CONNECT play.google.com:443 - HIER_DIRECT/216.58.212.174 -
TCP_TUNNEL/200 39 CONNECT www.gstatic.com:443 - HIER_DIRECT/142.250.185.195 -
TCP_TUNNEL/200 6623 CONNECT drive.google.com:443 - HIER_DIRECT/142.250.27.194 -
TCP_TUNNEL/200 13269 CONNECT waa-pa.clients6.google.com:443 - HIER_DIRECT/142.250.186.138 -

Yes, such messages were present in the cache.log when the Google service
was running. I didn't attach any significant importance to them.

Probably not, rather than yes. Either these messages will appear in the
cache.log with a delay.


Sun, 22 Dec 2024 at 07:17, Alex Rousskov <rousskov at measurement-factory.com>:

> On 2024-12-21 12:26, A. Pechenin wrote:
> > This week, when connecting users through a proxy server, some Google
> > services became inaccessible, such as Calendar, Translator, user profile.
>
> Do you use any ssl_bump directives? You have mentioned a test with
> "default configuration file" below. That configuration file does not
> have any ssl_bump directives. When testing with that default
> configuration file, did you add any ssl_bump directives?
>
> If you are not using SslBump, then suggestions regarding "splicing" do
> not apply to your environment -- your Squid is already effectively
> splicing all TLS connections. In this case, please clarify whether
> "Operation timed out" failures that you have mentioned in your second
> post are also reflected in access.log records. You have said that "all
> requests are processed correctly and no errors or prohibitions are
> observed", and I am trying to correlate that statement with those
> timeout errors...
>
>
> > 2024/12/21 21:54:57 kid1| conn43356657 local=MYREALIP:53130
> > remote=142.250.186.142:443 HIER_DIRECT FD 121 flags=1:
> > read/write failure: (60) Operation timed out
> > current master transaction: master13542083
>
> Do you know whether these timeout errors were present when everything
> was working correctly?
>
> Do you always see at least one such timeout error for every case when
> "the page does not open and then a connection error is displayed"? In
> other words, is there a strong correlation between client-side problems
> and these timeout errors in cache.log?
>
>
> Thank you,
>
> Alex.
>
>
> > When clicking on the services section in the browser on the Google
> > portal, the page does not open and then a connection error is displayed.
> > When directly going to the calendar section, the connection also hangs
> > for a long time without loading the page. At the same time, the Google
> > home page, mail, search work.
> >
> > Transparent proxying is not used.
> > Viewing the proxy server logs did not add any understanding, all
> > requests are processed correctly and no errors or prohibitions are
> > observed. There are no other problems with the unavailability of any
> > sites.
> >
> > When connecting directly (bypassing the proxy server), all Google
> > services work completely correctly.
> > The platform on which the problem was suddenly discovered:
> > FreeBSD 13.2-RELEASE-p9
> > Squid 6.6
> >
> > A new separate server was deployed for objectivity and finding the
> > cause, but the problem was also reproduced there, its platform.
> > FreeBSD 13.4-RELEASE-p2
> > Squid 6.10
> >
> > I tried using the default configuration file (recommended minimum
> > configuration) to eliminate the problem in my working squid.conf, but
> > the problem remained
> >
> > I repeat, the problem reproduced suddenly, no changes were made to the
> > proxy server configuration on our side, no problems with Google have
> > arisen for many years. What should I pay attention to in the Squid
> > configuration? Any idea
> >
> > _______________________________________________
> > squid-users mailing list
> > squid-users at lists.squid-cache.org
> > https://lists.squid-cache.org/listinfo/squid-users
>
>
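
Added example, not part of the original thread: one way to check the correlation asked about above, by matching the remote IP in cache.log timeout messages against the HIER_DIRECT address of CONNECT tunnels in access.log. The log samples are constructed to resemble the lines quoted in the thread, and all function names are hypothetical.

```python
import re
from collections import Counter, defaultdict

# Constructed sample data modelled on the log lines quoted in this thread.
# 192.0.2.10 and 203.0.113.7 are documentation addresses; calendar.google.com
# and the pairing of hosts with timed-out IPs are invented for illustration.
CACHE_LOG = """\
2024/12/21 21:54:57 kid1| conn43356657 local=192.0.2.10:53130 remote=142.250.186.142:443 HIER_DIRECT FD 121 flags=1: read/write failure: (60) Operation timed out
2024/12/21 21:55:40 kid1| conn43356702 local=192.0.2.10:53177 remote=142.250.186.142:443 HIER_DIRECT FD 98 flags=1: read/write failure: (60) Operation timed out
2024/12/21 21:56:02 kid1| conn43356750 local=192.0.2.10:53201 remote=142.250.27.194:443 HIER_DIRECT FD 77 flags=1: read/write failure: (60) Operation timed out
2024/12/21 21:57:11 kid1| conn43356801 local=192.0.2.10:53260 remote=203.0.113.7:443 HIER_DIRECT FD 64 flags=1: read/write failure: (60) Operation timed out
"""
ACCESS_LOG = """\
TCP_TUNNEL/200 39 CONNECT play.google.com:443 - HIER_DIRECT/216.58.212.174 -
TCP_TUNNEL/200 39 CONNECT calendar.google.com:443 - HIER_DIRECT/142.250.186.142 -
TCP_TUNNEL/200 6623 CONNECT drive.google.com:443 - HIER_DIRECT/142.250.27.194 -
TCP_TUNNEL/200 13269 CONNECT waa-pa.clients6.google.com:443 - HIER_DIRECT/142.250.186.138 -
"""

# IPv4 only. The errno differs by OS (60 on FreeBSD), so match the message text.
TIMEOUT_RE = re.compile(
    r"remote=([\d.]+):\d+ .*read/write failure: \(\d+\) Operation timed out")
# Searches inside the line, so full default-format access.log records match too.
TUNNEL_RE = re.compile(
    r"TCP_TUNNEL/\d+ \d+ CONNECT (\S+):\d+ .*HIER_DIRECT/([\d.]+)")

def timeouts_by_ip(cache_log):
    """Count server-side timeout messages per remote IPv4 address."""
    return Counter(m.group(1) for m in TIMEOUT_RE.finditer(cache_log))

def server_ips_by_host(access_log):
    """Collect the set of server IPs each CONNECT host was tunnelled to."""
    ips = defaultdict(set)
    for host, ip in TUNNEL_RE.findall(access_log):
        ips[host].add(ip)
    return ips

def correlate(cache_log, access_log):
    """Return {host: number of timeouts logged against that host's server IPs}."""
    timeouts = timeouts_by_ip(cache_log)
    return {host: sum(timeouts[ip] for ip in ips)
            for host, ips in server_ips_by_host(access_log).items()}

def unmatched_timeouts(cache_log, access_log):
    """Timed-out remote IPs that never appear in a tunnel record."""
    seen = set().union(*server_ips_by_host(access_log).values())
    return sorted(ip for ip in timeouts_by_ip(cache_log) if ip not in seen)

if __name__ == "__main__":
    for host, count in correlate(CACHE_LOG, ACCESS_LOG).items():
        print(f"{host:32} timeouts={count}")
    print("no access.log record:", unmatched_timeouts(CACHE_LOG, ACCESS_LOG))
```

Both logs should cover the same time window; a tunnel is written to access.log only when it closes, so its record can appear later than the matching cache.log message.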