> We've made changes, and are still having issues - do you think using > squid3, changing our values, setting squid to run directly on port 80 > (instead of ipfw redirecting 80 to 3128), or running Linux would solve > the problems (this is on FreeBSD 6.2)? I'm not sure if a FreeBSD/Linux chaneg would solve it. Squid 3.0 has had work done to remove those messages, it's up to you to decide if the absence of some features is a blocker for you. Amos > > The main log messages we're getting are "httpReadReply: Excess data > from" and "httpReadReply: Request not yet fully sent". > > Here's our changes: > Kernel: > Removed the NET_WITH_GIANT option, since aio supposedly works fine > without it (this was turned on before) > Added DEVICE_POLLING, which uses the interface polling method instead of > standard interrupt routines for network interfaces > > added these to /etc/sysctl.conf: > net.inet.tcp.rfc1323=0 > net.inet.tcp.mssdflt=1460 > net.inet.tcp.slowstart_flightsize=27 > net.inet.tcp.hostcache.expire=3900 > kern.polling.burst_max=1000 > kern.polling.idle_poll=0 > kern.polling.each_burst=50 > > added these to /boot/loader.conf (for increasing the host cache table) > net.inet.tcp.tcbhashsize="4096" > net.inet.tcp.hostcache.hashsize="1024" > > the MTU for the GRE interfaces is set to 1514 in the rc.gre script > polling is turned on in /etc/rc.conf for the em0 interface > > > Ryan Thoryk > System Administrator > onShore Networks, LLC > > Ryan Thoryk wrote: >> One thing I found was that the MTU of the GRE interfaces was different >> than the MTU on the routers. I fixed that and am currently testing it. >> >> Adrian Chadd wrote: >>> What you want to do is try and find a tcpdump capture for the broken >>> HTTP flows. >>> >>> I'd make sure window scaling is disabled, ECN is disabled and I'd >>> change the default route TCP MSS to be < 1500 (say, 1400 or 1300.) >>> Make sure if you use GRE then the route GRE is using is 1500. :) >>> >>> (I'm playing around with tproxy at home and I'm having slow loading >>> issues; >>> I have a feeling I'm seeing PMTU related issues. Hm.) >>> >>> >>> >>> Adrian >>> >> >> > >
