Search squid archive

RE: Regarding long pauses with Squid3 as a reverse proxy to Exchange 2010 OWA

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Amos
I suspect I may have come across another situation related to chunked
Transfer-Encoding although I am not sure yet.

I have verified that using a HTC Desire I can successfully sync email,
calendar and notes including sending new calendar items and new email and
replies to emails.

However, when I try this using an iPhone (3GS, running IOS 4.0.1) it cannot
send email.  Pulling data (calendar, email) from Exchange works OK though.

Squid is replying with a 501 error.  I have increased debugging on the squid
reverse proxy and notice the iPhone is sending a post request, which I have
included below (certain private values replaced), which Squid does not like.

POST
/Microsoft-Server-ActiveSync?User=username&DeviceId=fjsdlfjlsdjflskj&DeviceTy
pe=iPhone&Cmd=SmartReply HTTP/1.1
Host: external.server.name
Content-Type: application/vnd.ms-sync.wbxml
Ms-Asprotocolversion: 14.0
User-Agent: Apple-iPhone2C1/801.306
X-Ms-Policykey: 4281201554
Authorization: Basic asjlfjdal;sjdfl;ajsdf;lajsl;f
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
Transfer-Encoding: Chunked

What causes Squid to issue a 501 reply?  Is it related to Transfer-Encoding?

Thanks

Paul

-----Original Message-----
From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] 
Sent: Thursday, 26 August 2010 10:20 AM
To: squid-users@xxxxxxxxxxxxxxx
Subject: RE:  Regarding long pauses with Squid3 as a reverse
proxy to Exchange 2010 OWA

On Thu, 26 Aug 2010 08:17:23 +1000, "Paul Freeman"
<paul.freeman@xxxxxxxxxx> wrote:
> Amos,
> Thank you for your analysis and comments.  I appreciate them greatly.
> 
> I have looked at another packet capture for a session between the client
> browser and exchange 2010 OWA via http but without squid in between
them.
> The headers are as below:
> 
> GET /owa/14.0.702.0/scripts/premium/startpage.js HTTP/1.1
> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
> application/vnd.ms-excel, application/vnd.ms-powerpoint,
> application/msword,
> application/x-shockwave-flash, application/x-ms-application,
> application/x-ms-xbap, application/vnd.ms-xpsdocument,
> application/xaml+xml,
> */*
> Accept-Language: en-au
> UA-CPU: x86
> Accept-Encoding: gzip, deflate
> User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR
> 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR
3.5.21022;
> .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
> Host: the.exchange.server
> Connection: Keep-Alive
> 
> HTTP/1.1 200 OK
> Cache-Control: public,max-age=2592000
> Transfer-Encoding: chunked
> Content-Type: application/x-javascript
> Content-Encoding: gzip
> Last-Modified: Fri, 25 Sep 2009 04:59:56 GMT
> Accept-Ranges: bytes
> ETag: "c08cce69d3dca1:0"
> Vary: Accept-Encoding
> Server: Microsoft-IIS/7.5
> X-Powered-By: ASP.NET
> X-UA-Compatible: IE=EmulateIE7
> Date: Wed, 25 Aug 2010 05:19:21 GMT
> 
> The browser (IE7) is using HTTP 1.1.  Apart from the GET request
specifying
> HTTP 1.1 there is no difference to the request sent by squid included in
my
> original email.
> 
> However, I notice that this time IIS replies with a Transfer-Encoding
> header
> (chunked) which was not present in the scenario where squid was acting
as a
> reverse proxy.  All the other headers are the same as when using squid. 

> 
> Also, there is still no Content-Length header sent by IIS.
> 
> I am not familiar with the HTTP specifications at all.  Is it OK that
squid
> sends a HTTP 1.0 request with an Accept-Encoding header or is the issue
> with
> chunked Transfer-Encoding?

I think it is doing its failover to non-chunked HTTP/1.0 badly.

With chunked encoding each 4KB or so chunk of the body is labeled with an
indicator of how long it is, and a final empty chunk sent at the end. There
is no Content-Length header required because of the known chunk sizes.

However in that first trace it was not doing the chunking and thus no size
info gets back to Squid at all in the HTTP level stuff.

This compatibility problem is resolved in 3.1 series which are HTTP/1.1
toward servers. I have 3.1.3 and supporting packages available for Ubuntu
at https://launchpad.net/~yadi/+archive/ppa, with 3.1.7 coming in a week or
so when it makes it into Debian.

Amos

> 
> Is IIS actually not replying correctly to a HTTP 1.0 request?

Yes and no. The HTTP part is valid, but it's maybe failing the TCP/IP
level close.

> 
> I will take a look at the packet captures to see if IIS is sending the
FIN
> at
> the completion of sending the request data.
> 
> Regards
> 
> Paul
> -----Original Message-----
> From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] 
> Sent: Wednesday, 25 August 2010 8:46 PM
> To: squid-users@xxxxxxxxxxxxxxx
> Subject: Re:  Regarding long pauses with Squid3 as a
reverse
> proxy to Exchange 2010 OWA
> 
> Paul Freeman wrote:
>> Apologies in advance for the long posting.  I have tried to provide
what
>> I
>> hope is sufficient information to explain a problem I am experiencing.
>> 
> 
> Excellent collection of details. Thank you.
> I'm going to snip most of them
> 
> 
> After reading I have a theory ...
> 
> A detailed look at the wireshark trace packets during the lag period 
> will be needed to verify.
> 
>   The reply HTTP headers coming from Exchange appear to have no 
> Content-Length: header telling Squid how much data is following. This 
> places responsibility for FINishing the connection squarely in Exchanges

> hands.
> 
>   What needs checking in wireshark is whether Exchange actually sends 
> that FIN packet following the object data.
>   Unless there is some secret information OWA knows about to close the 
> transaction from its end, there is no way for Squid or OWA to know the 
> end has come. So they wait.
> 
> 
> You may find that 3.1.7 fairs better since it advertises 1.1 to Exchange

> and that may be enough to fool Exchange into handing back some useful 
> information such as the object chunk sizes to Squid.
>   I may be able to provide a source package bundle in a few days for 
> that if you need one.
> 
> Amos
 

__________ Information from ESET Smart Security, version of virus signature
database 5397 (20100825) __________

The message was checked by ESET Smart Security.

http://www.eset.com
 
 

__________ Information from ESET Smart Security, version of virus signature
database 5407 (20100829) __________

The message was checked by ESET Smart Security.

http://www.eset.com
 



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux