Op 9-3-2010 21:42, Jan Houtsma schreef: > Op 9-3-2010 21:37, Henrik Nordström schreef: > >> tis 2010-03-09 klockan 19:49 +0100 skrev Jan Houtsma: >> >> >> >>> Yes. The wget was from the squid server itself where using the proxy it >>> fails, and using direct internet connection it works. >>> >>> >> What does access.log say when it fails? Do the reported server address >> match what you expect it to be for the requested host? >> >> > 1268167273.909 250 192.168.1.16 TCP_MISS/503 4234 GET > http://www.google.com/ - DIRECT/www.google.com text/html > > >> >> >>> So when squid is forwarding the http-GET request it fails. But when wget >>> itself sends the http-GET request it works. >>> >>> >> Perhaps time to fire up wireshark to look at the traffic.. >> >> The error message received is very low level.. squid could not even open >> the TCP connection to the server. >> >> Regards >> Henrik >> >> > Yea, will do that > Just did it. When doing wget 1st time to http://www.google.nl via squid i only see DNS traffic on the outgoing interface for resolving www.google.com. Squid already issued a "service unavailable" to wget (immediatelly!!). See below! While i keep tcpdump running and issue the wget a second or third time i see the tcp negotiations and traffic on port http going and wget succeeds! Here i don't see the DNS traffic any more!! Looks like squid already knows?? Has DNS caching in squid something to do with this? ----------------------- [22:45:root@pegasus /var/log/squid]# http_proxy=http://localhost:3128 wget -O /dev/null -S http://www.google.com/ <--------- 1st: THIS IS WHERE IT DOESN'T WORK! ----------------------- [22:45:root@pegasus /var/log/squid]# tcpdump -i eth0 -s0 -vv ip tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 22:45:50.111063 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 60) houtsma.net.56106 > resolver.xs4all.nl.domain: [bad udp cksum d6de!] 59919+ A? www.google.com. (32) 22:45:50.125372 IP (tos 0x0, ttl 62, id 29641, offset 0, flags [none], proto UDP (17), length 128) resolver.xs4all.nl.domain > houtsma.net.56106: [udp sum ok] 59919 q: A? www.google.com. 4/0/0 www.google.com. CNAME www.l.google.com., www.l.google.com. A 74.125.79.147, www.l.google.com. A 74.125.79.99, www.l.google.com. A 74.125.79.104 (100) 22:45:53.408520 IP (tos 0x0, ttl 64, id 36680, offset 0, flags [DF], proto TCP (6), length 60) houtsma.net.39183 > ey-in-f104.1e100.net.http: Flags [S], cksum 0x3979 (correct), seq 292815461, win 5840, options [mss 1460,sackOK,TS val 98602285 ecr 0,nop,wscale 7], length 0 22:45:53.427563 IP (tos 0x0, ttl 56, id 19849, offset 0, flags [none], proto TCP (6), length 60) ey-in-f104.1e100.net.http > houtsma.net.39183: Flags [S.], cksum 0xd0d2 (correct), seq 1498252574, ack 292815462, win 5672, options [mss 1430,sackOK,TS val 3192179883 ecr 98602285,nop,wscale 6], length 0 22:45:53.427642 IP (tos 0x0, ttl 64, id 36681, offset 0, flags [DF], proto TCP (6), length 52) houtsma.net.39183 > ey-in-f104.1e100.net.http: Flags [.], cksum 0x1567 (correct), seq 1, ack 1, win 46, options [nop,nop,TS val 98602304 ecr 3192179883], length 0 22:45:53.428005 IP (tos 0x0, ttl 64, id 36682, offset 0, flags [DF], proto TCP (6), length 264) houtsma.net.39183 > ey-in-f104.1e100.net.http: Flags [P.], cksum 0xb86b (incorrect -> 0x9d30), seq 1:213, ack 1, win 46, options [nop,nop,TS val 98602304 ecr 3192179883], length 212 ----------------------- [22:45:root@pegasus /var/log/squid]# http_proxy=http://localhost:3128 wget -O /dev/null -S http://www.google.com/ <--------- 2d: THIS IS WHERE IT WORKS! ----------------------- 22:45:56.652791 IP (tos 0x0, ttl 64, id 36684, offset 0, flags [DF], proto TCP (6), length 264) houtsma.net.39183 > ey-in-f104.1e100.net.http: Flags [P.], cksum 0xb86b (incorrect -> 0x8c5f), seq 213:425, ack 832, win 59, options [nop,nop,TS val 98605529 ecr 3192179907], length 212 22:45:56.678413 IP (tos 0x0, ttl 56, id 19852, offset 0, flags [none], proto TCP (6), length 883) ey-in-f104.1e100.net.http > houtsma.net.39183: Flags [P.], cksum 0x6a0f (correct), seq 832:1663, ack 425, win 123, options [nop,nop,TS val 3192183133 ecr 98605529], length 831 22:45:56.678488 IP (tos 0x0, ttl 64, id 36685, offset 0, flags [DF], proto TCP (6), length 52) houtsma.net.39183 > ey-in-f104.1e100.net.http: Flags [.], cksum 0xf3c1 (correct), seq 425, ack 1663, win 72, options [nop,nop,TS val 98605555 ecr 3192183133], length 0 22:45:56.730067 IP (tos 0x0, ttl 64, id 20901, offset 0, flags [DF], proto TCP (6), length 60) houtsma.net.60662 > ey-in-f147.1e100.net.http: Flags [S], cksum 0x0c3e (correct), seq 344312707, win 5840, options [mss 1460,sackOK,TS val 98605606 ecr 0,nop,wscale 7], length 0 22:45:56.748270 IP (tos 0x0, ttl 56, id 5538, offset 0, flags [none], proto TCP (6), length 60) ey-in-f147.1e100.net.http > houtsma.net.60662: Flags [S.], cksum 0x73e0 (correct), seq 1926270343, ack 344312708, win 5672, options [mss 1430,sackOK,TS val 2750084304 ecr 98605606,nop,wscale 6], length 0 22:45:56.748333 IP (tos 0x0, ttl 64, id 20902, offset 0, flags [DF], proto TCP (6), length 52) houtsma.net.60662 > ey-in-f147.1e100.net.http: Flags [.], cksum 0xb874 (correct), seq 1, ack 1, win 46, options [nop,nop,TS val 98605625 ecr 2750084304], length 0 22:45:56.748608 IP (tos 0x0, ttl 64, id 20903, offset 0, flags [DF], proto TCP (6), length 263) houtsma.net.60662 > ey-in-f147.1e100.net.http: Flags [P.], cksum 0xb895 (incorrect -> 0xcb19), seq 1:212, ack 1, win 46, options [nop,nop,TS val 98605625 ecr 2750084304], length 211 22:45:56.769684 IP (tos 0x0, ttl 56, id 5539, offset 0, flags [none], proto TCP (6), length 52) ey-in-f147.1e100.net.http > houtsma.net.60662: Flags [.], cksum 0xb74f (correct), seq 1, ack 212, win 106, options [nop,nop,TS val 2750084326 ecr 98605625], length 0 22:45:56.777785 IP (tos 0x0, ttl 56, id 5540, offset 0, flags [none], proto TCP (6), length 1470) ey-in-f147.1e100.net.http > houtsma.net.60662: Flags [.], cksum 0x2a8f (correct), seq 1:1419, ack 212, win 106, options [nop,nop,TS val 2750084332 ecr 98605625], length 1418 22:45:56.777817 IP (tos 0x0, ttl 64, id 20904, offset 0, flags [DF], proto TCP (6), length 52) houtsma.net.60662 > ey-in-f147.1e100.net.http: Flags [.], cksum 0xb1c8 (correct), seq 212, ack 1419, win 68, options [nop,nop,TS val 98605654 ecr 2750084332], length 0 22:45:56.779493 IP (tos 0x0, ttl 56, id 5541, offset 0, flags [none], proto TCP (6), length 1470) ey-in-f147.1e100.net.http > houtsma.net.60662: Flags [.], cksum 0x4c0e (correct), seq 1419:2837, ack 212, win 106, options [nop,nop,TS val 2750084332 ecr 98605625], length 1418 22:45:56.779528 IP (tos 0x0, ttl 64, id 20905, offset 0, flags [DF], proto TCP (6), length 52) houtsma.net.60662 > ey-in-f147.1e100.net.http: Flags [.], cksum 0xac26 (correct), seq 212, ack 2837, win 90, options [nop,nop,TS val 98605656 ecr 2750084332], length 0 22:45:56.781237 IP (tos 0x0, ttl 56, id 5542, offset 0, flags [none], proto TCP (6), length 1470) ey-in-f147.1e100.net.http > houtsma.net.60662: Flags [.], cksum 0xb7ba (correct), seq 2837:4255, ack 212, win 106, options [nop,nop,TS val 2750084332 ecr 98605625], length 1418 22:45:56.781267 IP (tos 0x0, ttl 64, id 20906, offset 0, flags [DF], proto TCP (6), length 52) houtsma.net.60662 > ey-in-f147.1e100.net.http: Flags [.], cksum 0xa683 (correct), seq 212, ack 4255, win 113, options [nop,nop,TS val 98605658 ecr 2750084332], length 0 22:45:56.782195 IP (tos 0x0, ttl 56, id 5543, offset 0, flags [none], proto TCP (6), length 453) ey-in-f147.1e100.net.http > houtsma.net.60662: Flags [P.], cksum 0xbcc6 (correct), seq 4255:4656, ack 212, win 106, options [nop,nop,TS val 2750084332 ecr 98605625], length 401 22:45:56.782225 IP (tos 0x0, ttl 64, id 20907, offset 0, flags [DF], proto TCP (6), length 52) houtsma.net.60662 > ey-in-f147.1e100.net.http: Flags [.], cksum 0xa4db (correct), seq 212, ack 4656, win 135, options [nop,nop,TS val 98605659 ecr 2750084332], length 0 22:45:56.798265 IP (tos 0x0, ttl 56, id 5544, offset 0, flags [none], proto TCP (6), length 1470) ey-in-f147.1e100.net.http > houtsma.net.60662: Flags [.], cksum 0x54f0 (correct), seq 4656:6074, ack 212, win 106, options [nop,nop,TS val 2750084352 ecr 98605654], length 1418 22:45:56.798297 IP (tos 0x0, ttl 64, id 20908, offset 0, flags [DF], proto TCP (6), length 52) houtsma.net.60662 > ey-in-f147.1e100.net.http: Flags [.], cksum 0x9f17 (correct), seq 212, ack 6074, win 157, options [nop,nop,TS val 98605675 ecr 2750084352], length 0 22:45:56.799937 IP (tos 0x0, ttl 56, id 5545, offset 0, flags [none], proto TCP (6), length 1441) ey-in-f147.1e100.net.http > houtsma.net.60662: Flags [FP.], cksum 0x4b68 (correct), seq 6074:7463, ack 212, win 106, options [nop,nop,TS val 2750084352 ecr 98605654], length 1389 22:45:56.800341 IP (tos 0x0, ttl 64, id 20909, offset 0, flags [DF], proto TCP (6), length 52) houtsma.net.60662 > ey-in-f147.1e100.net.http: Flags [F.], cksum 0x9990 (correct), seq 212, ack 7464, win 179, options [nop,nop,TS val 98605677 ecr 2750084352], length 0 22:45:56.819230 IP (tos 0x0, ttl 56, id 5546, offset 0, flags [none], proto TCP (6), length 52) ey-in-f147.1e100.net.http > houtsma.net.60662: Flags [.], cksum 0x99c2 (correct), seq 7464, ack 213, win 106, options [nop,nop,TS val 2750084375 ecr 98605677], length 0 ^C 32 packets captured 32 packets received by filter 0 packets dropped by kernel Thanks, -- jan
