[squid-users] Squid TCP_TUNNEL_ABORTED/200
Amos Jeffries
squid3 at treenet.co.nz
Sun May 5 07:03:31 UTC 2024
On 4/05/24 11:17, Emre Oksum wrote:
> >In this case, all your tcp_outgoing_addr lines being tested. Most of
> >them will not match.
> Sorry I'm not really a Squid guy I was working on it due to a job that I
> took but I cannot figure this out. What do you mean most of them do not
> match? Does it mean Squid checks every ACL one by one that is defined in
> config to find the correct IPv6 address?
Yes, exactly so.
Each tcp_outgoing_address line of squid.conf is checked top-to-bottom,
the ACLs on that line tested left-to-right against the Squid local-IP
the client connected to.
Most will non-match (as seen in the trace snippet you showed).
One should match, at which point Squid uses the IP address on that
tcp_outgoing_address line.
As mentioned earlier, this is all on *outgoing* Squid-to-server
connections. tcp_outgoing_* directives have no effect on the client
connection.
> If that's the case I still
> didn't understand why Squid randomly sends Connection Reset flag to
> client.
That is what we are trying to figure out, yes.
I asked for the cache.log trace so I could look through and see when one
of the problematic connections was identified by Squid as closed, and
whether that was caused by something else Squid was doing - or whether
the signal came to Squid from the OS.
Which would tell us whether Squid had sent it, or if the OS had sent
it to both Squid and client.
I/we will need a full cache.log trace from before a problematic
connection was opened, to after it fails. At least several seconds
before and after.
Cheers
Amos
More information about the squid-users
mailing list