On 2/6/10, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > Adrian Buciuman wrote: > > Hi, > > > > Running squid 2.6 STABLE 21 from Centos 5. > > > > I've seen a issue with a site. The problem is that the browser locks > > for some time, and only afterwards the user is able to interact with > > the site. (The site has Flash based content or something similar). My > > feeling is that this annoying delay is bigger when using squid than > > when using direct connection to Internet. I believe the browser is > > waiting for some tracking/adware gifs to load, and the webserver is > > down. If using direct connection, the connection to the ads-server > > will timeout in 20-30 seconds, the browser will display a > > gif-placeholder, and the user can happily use the site (or they can > > reload the page to see all the ads :-) ). If using squid, the timeout > > will occur after a longer time. > > > > I've used tcpdump to find how is squid managing timeouts and retries. > > Is looks squid is retrying a TCP connection to the origin webserver > > for 3 times.This retry happens even if the webserver has only one IP. > > Each of the three connection attempts consists of multiple SYN sent. > > In the default config, Squid will return a failure to the browser > > after 3 minutes (connect_timeout is set to 1 minute) > > > > Lucky you. Squid-2.6 tries 10 times. But something is timing it out before > all 10 are completed. It tries only 3 times because of the fix for this: http://bugs.squid-cache.org/show_bug.cgi?id=14 I'll use wireshark to find out how are the Firefox and IE handling timeouts, especially for sites with multiple IPs. If their behavior differs significantly from that of Squid, I'll open a bug report about this. Users should not see a lack of responsiveness when their network is switch from direct access to proxy-based access to the Internet. Adrian Buciuman
