On 17/12/10 08:45, Ming Fu wrote:
Hi,
When using squid 3.1.9 and ssl-bump, access to
https://www.e-secure-it.com/info.html will cause squid RESPMOD to
pause for about 2 minutes when sending the body playload to the ICAP
server. The payload will eventually arrive. Just can't explain what
happens during the 2 minute.
Tcpdump on port 443 show that there is a pause during the end of SSL
transaction with the e-secure. The time of the port 443 pause
correlates to the pause of ICAP body upload. But there is no such
pause when browser is direct connected to the e-secure site without
squid in the middle.
You seem to have answered your own question. Sending stuff to that ICAP
server is very slow.
Other things to consder:
* Did the packets actually stop completely at that point? or did
something else happen?
* look at DNS etc as well. Squid may be waiting on the ICAP server
name to resolve.
* take a full packet traces (tcpdump -s 0 ...) and see what is
actually being transfered to/from ICAP. It could be non-HTTP, broken
syntax, or any kind of secondary encoding inside a HTTPS security channel.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.9
Beta testers wanted for 3.2.0.3
