Search squid archive

Re: Problems with hotmail and facebook - rev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 14 Nov 2010 18:38:06 -0800 (PST), Landy Landy
<landysaccount@xxxxxxxxx> wrote:
> --- On Sun, 11/14/10, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
> 
>> From: Amos Jeffries <squid3@xxxxxxxxxxxxx>
>> Subject: Re:  Problems with hotmail and facebook
>> To: "Landy Landy" <landysaccount@xxxxxxxxx>
>> Cc: squid-users@xxxxxxxxxxxxxxx
>> Date: Sunday, November 14, 2010, 8:27 PM
>> On Sun, 14 Nov 2010 17:04:10 -0800
>> (PST), Landy Landy
>> <landysaccount@xxxxxxxxx>
>> wrote:
>> > --- On Sun, 11/14/10, Amos Jeffries <squid3@xxxxxxxxxxxxx>
>> wrote:
>> > 
>> >> From: Amos Jeffries <squid3@xxxxxxxxxxxxx>
>> >> Subject: Re:  Problems with hotmail
>> and facebook
>> >> To: "Landy Landy" <landysaccount@xxxxxxxxx>
>> >> Cc: squid-users@xxxxxxxxxxxxxxx
>> >> Date: Sunday, November 14, 2010, 7:42 PM
>> >> On Sun, 14 Nov 2010 16:19:41 -0800
>> >> (PST), Landy Landy
>> >> <landysaccount@xxxxxxxxx>
>> >> wrote:
>> >> > Someone suggested to disable pmtu on squid
>> and on the
>> >> linux gw.
>> >> > 
>> >> > I was able to disable it on linux: 
>> >> > 
>> >> > echo 1 >Â
>> /proc/sys/net/ipv4/ip_no_pmtu_disc 
>> >> > 
>> >> > That hasn't change anything.
>> >> > 
>> >> > Now, do I really need to disable it on squid
>> in order
>> >> to work? I read
>> >> this:
>> >> > 
>> >> > disable-pmtu-discovery=
>> >> > Control Path-MTU discovery usage:
>> >> > off lets OS decide on what to do (default).
>> >> > transparent disable PMTU discovery when
>> transparent
>> >> support is enabled.
>> >> > always disable always PMTU discovery.
>> >> > 
>> >> > In many setups of transparently intercepting
>> proxies
>> >> Path-MTU
>> >> > discovery can not work on traffic towards the
>> clients.
>> >> This is
>> >> > the case when the intercepting device does
>> not fully
>> >> track
>> >> > connections and fails to forward ICMP must
>> fragment
>> >> messages
>> >> > to the cache server. If you have such setup
>> and
>> >> experience that
>> >> > certain clients sporadically hang or never
>> complete
>> >> requests set
>> >> > disable-pmtu-discovery option to
>> 'transparent'.
>> >> > 
>> >> > but, that option is "unrecognized" by squid.
>> Is it
>> >> really necessary to
>> >> > disable it on squid? If so, how?
>> >> 
>> >> Strange. That option is accepted in all 3.0 and
>> later
>> >> releases.
>> >> Â http_port ... disable-pmtu-discovery=off
>> >> 
>> >> Being the default it should not need to be set.
>> But wont
>> >> hurt for
>> >> debugging.
>> >> 
>> >> 
>> > Amos.
>> > 
>> > I've tried with both 3.0.24 and 3.1.9:
>> > 
>> > 2010/11/14 20:57:24| cache_cf.cc(363)
>> parseOneConfigFile: squid.conf:406
>> > unrecognized: 'disable-pmtu-discovery=off'
>> > optimum-router:/home/landysaccount#
>> /usr/local/squid3/sbin/squid
>> > 
>> > 2010/11/14 20:58:30| cache_cf.cc(363)
>> parseOneConfigFile: squid.conf:406
>> > unrecognized: 'disable_pmtu_discovery=off'
>> > 
>> > 
>> > 2010/11/14 21:00:38| cache_cf.cc(363)
>> parseOneConfigFile: squid.conf:406
>> > unrecognized: 'disable-pmtu-discovery'
>> > 
>> 
>> Ah, it is a flag on http_port lines. Not a line by itself.
>> I don't think its related to the problem though. The
>> details so far given
>> have been that the reply is broken and not being processed
>> well. PMTU
>> breakage leads to a "zero sized reply" error.
>> 
>> > I'm going crazy with this hotmail problem can't get it
>> working again. I
>> > had to disable squid and just forward all traffic,
>> even though it works,
>> I
>> > need squid running in the middle.
>> > 
>> > What do you suggest???
>> > 
>> 
>> Can you grab a tcpdump of one of these failing replies
>> please?
>> 
>> Amos
>> 
> Amos.
> 
> I ran two tcpdump and they are at:
> 
> www.optimumrd.com/dumpresult1
> and
> www.optimumrd.com/dumpresult2
> also my squid.conf is at:
> www.optimumrd.com/squid.conf

I'm getting deja vu looking at that trace. Did you send me one earlier?

> 
> When I access hotmail.com the logon screen comes up. Next, I input my
> credentials and it gets submited and thats when it hangs on "Waiting for
> mail.live.com" and get this:
> 
> ERROR
> 
> El URL solicitado no se ha podido conseguir
> 
> Mientras se intentaba traer el URL: http://mail.live.com/default.aspx?
> 
> Ha ocurrido el siguiente problema:
> 
> Error de lectura
> El sistema ha devuelto el siguiente mensaje:
> 
>     (104) Connection reset by peer
> Ha ocurrido algÃn problema mientras se leÃan datos de la red. Por favor,
> intÃntelo de nuevo.

This is a different error to the one earlier. The hotmail server(s) are
blocking/rejecting your access.

I think this particular one is due to their HTTPS authentication checking
IPs. The workaround to that is tproxy or not proxying for hotmail.

Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux