* Chris Robertson <crobertson@xxxxxxx> [20050713 01:12]: wrote: > > -----Original Message----- > > From: Odhiambo Washington [mailto:wash@xxxxxxxxxxxx] > > Sent: Tuesday, July 12, 2005 6:26 AM > > To: squid-users@xxxxxxxxxxxxxxx > > Subject: google misses with Squid - major problem > > > > > > > > I am having a strange problem with Squid. I run 2.5STABLE{9|10} in > > a couple servers for my clients. The boxes are all FreeBSD. Squid > > is run in acceleration mode since the boxes do transparent proxying. > > > > The boxes run at different locations. There are like 7 of them so far. > > > > Variously, users on those networks have contacted me with reports that > > they cannot access google (Google redirects us to google.co.ke coz we > > are in Kenya). > > > > The disturbing thing is that the boxes have worked before without any > > problems, but after some time I have received these reports, from 4 > > sites! This is what shows in the access.log when this happens: > > > > 1120452181.031 428 192.168.4.14 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html > > 1120458625.447 1403 192.168.4.37 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html > > 1120541558.804 661 192.168.4.37 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html > > 1120541568.228 341 192.168.4.37 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html > > 1120555568.628 424 192.168.4.14 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html > > 1120555587.197 357 192.168.4.14 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html > > 1120555605.520 406 192.168.4.14 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html > > 1120624519.863 2989 192.168.4.17 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html > > 1120624523.116 315 192.168.4.17 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html > > 1120624611.201 508 192.168.4.17 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html > > 1120644171.539 493 192.168.4.29 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html > > > > > > What could be the cause of this? Poisoned cache or what? > > > > > > > > -Wash > > What does the Squid error say for that page (what error do browsers see > when using the proxy to get to www.google.co.ke)? The 503 error is > cached (given the NONE in the 9th column), but that can be given for a > number of reasons (Connection Failed, No DNS Entry, Permission Denied > (on web server), actual server error, etc.). Put a request out to your > clients to get a screen capture of the error. > Hello Chris, Thank you for the response. I actually stumbled on the solution to my problem. It happens that I was using the bogons aggregated[1] list on my firewalls and I had not updated the bogons list for quite a number of days as required and IANA seems to have given out 72.0.0.0/5 (or part of) for assignments during this period of slumber ;) google.co.ke falls within this CIDR and that is why I was having the nightmares. I feel so stupid I had to drag this to the squid list, but yes, your suggestions took me to the FAQs and got me reading for the last 3 days, leading to the discovery of my slumber. So thank you so much. [1] http://www.cymru.com/Documents/bogon-bn-agg.txt -Wash -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington <wash@xxxxxxxxxxxx> Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ Coward, n.: One who in a perilous emergency thinks with his legs. -- Ambrose Bierce, "The Devil's Dictionary"
