Search squid archive

Re: SSL Stops responding

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 20/01/11 10:53, James P. Ashton wrote:
Hi all,
  It appears that after about 2 months of up time I has a pair of squid servers stop servicing SSL at the same time. Both are running CentOS 5.5 fully updated.

Version: 3.0.STABLE25-1.el5 (from the rpmforge repository)

Servers are default CentOS 5.5 install with no packages or package groups installed outside of base.  Only squid from rpmforge.
They are Dell 2950s with Solid state cache drives. 16G of ram each.
They are running in accelerator mode. The config is posted below.
They are behind a load balancer. The traffic to about a dozen sites are balanced across these 2 servers.

No errors in the error log, No errors in the cache log and nothing in the access log other than no requests for any SSL domains. It appears as if the requests were simply not getting to squid.

Netstat showed 2 connections to port 443.  Both were off-site addresses.

You mean the visitor was "off-site" or the destination site was not one of yours?

NP: your last http_access rule is "deny purge" instead of "deny all" which means the implicit default is "allow all". The accel flags should have blocked direct access, but someone may have found a way around that.


Restarting squid solved the issue. Connections were getting through immediately.

All this time non SSL (Port 80 / HTTP) requests were working with no problems.


Any thoughts on this?

Something weird with the certificates? or maybe something worse with the listening socket in the stack level?

Amos
--
Please be using
  Current Stable Squid 2.7.STABLE9 or 3.1.10
  Beta testers wanted for 3.2.0.4


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux