Search squid archive

RE: Re: Slow basic authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thank you, Amos -- it had to do with the dual NICs on the server, and weird routing between the two subnets represented.

-----Original Message-----
From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx]
Sent: Thursday, August 19, 2010 5:52 AM
To: squid-users@xxxxxxxxxxxxxxx
Subject: EXTERNAL: Re:  Slow basic authentication

Bucci, David G wrote:
> Hi - I've got Squid configured on both the client and server (reference recent discussions on establishing an SSL tunnel for all traffic from a client to a server -- I'm using that configuration, though I've yet to turn on the SSL).
> 
> I'm seeing inconsistent, and generally slow behavior when accessing our origin server, which requires basic authentication.  Sometimes the browser prompts for uid/pw, sometimes it doesn't, and often it takes a loooong time.
> 

Since you don't have the SSL yet it should be easy to grab a packet trace of the headers flowing between the two Squid and see whats going on that takes so long.

> Using the Windows distro of 2.7 from Acme, build 8.
> 
> Are there any tuning options necessary when caching against servers that send back a 401 initially?  Though I didn't think it was correct, I've tried login=PASS on the cache_peer line in the client.
> 

Should not matter 401 challenge headers are supposed to be passed straight through Squid.

> Note that I have cache deny all set, on both the client and the serve, and proxy-only in the client's cache_peer parent line -- we're proxying access to web service calls, all of which should return unique results, so no caching needed/wanted.
> 

Squid still needs to pass them through store in transit. Ensuring the presence of a Content-Length header can prevent Squid falling back on disk storage for temporary unknown-length objects. And a cache_mem at least big enough to store the required in-transit ones lets them fly past quickly.

I don't think that is related to the problem though.

> When I set Firefox to NOT use the procy, there I no slowdown, I get immediately prompted for uid/pw.
> 

Amos
--
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.6
   Beta testers wanted for 3.2.0.1


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux