--- On Sun, 11/14/10, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > From: Amos Jeffries <squid3@xxxxxxxxxxxxx> > Subject: Re: Problems with hotmail and facebook > To: "Landy Landy" <landysaccount@xxxxxxxxx> > Cc: squid-users@xxxxxxxxxxxxxxx > Date: Sunday, November 14, 2010, 8:27 PM > On Sun, 14 Nov 2010 17:04:10 -0800 > (PST), Landy Landy > <landysaccount@xxxxxxxxx> > wrote: > > --- On Sun, 11/14/10, Amos Jeffries <squid3@xxxxxxxxxxxxx> > wrote: > > > >> From: Amos Jeffries <squid3@xxxxxxxxxxxxx> > >> Subject: Re: Problems with hotmail > and facebook > >> To: "Landy Landy" <landysaccount@xxxxxxxxx> > >> Cc: squid-users@xxxxxxxxxxxxxxx > >> Date: Sunday, November 14, 2010, 7:42 PM > >> On Sun, 14 Nov 2010 16:19:41 -0800 > >> (PST), Landy Landy > >> <landysaccount@xxxxxxxxx> > >> wrote: > >> > Someone suggested to disable pmtu on squid > and on the > >> linux gw. > >> > > >> > I was able to disable it on linux: > >> > > >> > echo 1 > > /proc/sys/net/ipv4/ip_no_pmtu_disc > >> > > >> > That hasn't change anything. > >> > > >> > Now, do I really need to disable it on squid > in order > >> to work? I read > >> this: > >> > > >> > disable-pmtu-discovery= > >> > Control Path-MTU discovery usage: > >> > off lets OS decide on what to do (default). > >> > transparent disable PMTU discovery when > transparent > >> support is enabled. > >> > always disable always PMTU discovery. > >> > > >> > In many setups of transparently intercepting > proxies > >> Path-MTU > >> > discovery can not work on traffic towards the > clients. > >> This is > >> > the case when the intercepting device does > not fully > >> track > >> > connections and fails to forward ICMP must > fragment > >> messages > >> > to the cache server. If you have such setup > and > >> experience that > >> > certain clients sporadically hang or never > complete > >> requests set > >> > disable-pmtu-discovery option to > 'transparent'. > >> > > >> > but, that option is "unrecognized" by squid. > Is it > >> really necessary to > >> > disable it on squid? If so, how? > >> > >> Strange. That option is accepted in all 3.0 and > later > >> releases. > >> http_port ... disable-pmtu-discovery=off > >> > >> Being the default it should not need to be set. > But wont > >> hurt for > >> debugging. > >> > >> > > Amos. > > > > I've tried with both 3.0.24 and 3.1.9: > > > > 2010/11/14 20:57:24| cache_cf.cc(363) > parseOneConfigFile: squid.conf:406 > > unrecognized: 'disable-pmtu-discovery=off' > > optimum-router:/home/landysaccount# > /usr/local/squid3/sbin/squid > > > > 2010/11/14 20:58:30| cache_cf.cc(363) > parseOneConfigFile: squid.conf:406 > > unrecognized: 'disable_pmtu_discovery=off' > > > > > > 2010/11/14 21:00:38| cache_cf.cc(363) > parseOneConfigFile: squid.conf:406 > > unrecognized: 'disable-pmtu-discovery' > > > > Ah, it is a flag on http_port lines. Not a line by itself. > I don't think its related to the problem though. The > details so far given > have been that the reply is broken and not being processed > well. PMTU > breakage leads to a "zero sized reply" error. > > > I'm going crazy with this hotmail problem can't get it > working again. I > > had to disable squid and just forward all traffic, > even though it works, > I > > need squid running in the middle. > > > > What do you suggest??? > > > > Can you grab a tcpdump of one of these failing replies > please? > > Amos > Amos. I ran two tcpdump and they are at: www.optimumrd.com/dumpresult1 and www.optimumrd.com/dumpresult2 also my squid.conf is at: www.optimumrd.com/squid.conf When I access hotmail.com the logon screen comes up. Next, I input my credentials and it gets submited and thats when it hangs on "Waiting for mail.live.com" and get this: ERROR El URL solicitado no se ha podido conseguir Mientras se intentaba traer el URL: http://mail.live.com/default.aspx? Ha ocurrido el siguiente problema: Error de lectura El sistema ha devuelto el siguiente mensaje: (104) Connection reset by peer Ha ocurrido algún problema mientras se leían datos de la red. Por favor, inténtelo de nuevo. I suspect there might be a config option that's messing things up but, again, things were working normal for a while until this week. If you need more info let me know. Thanks.
