Search squid archive

Re: Exchange WebServices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 7/03/2012 6:27 a.m., Fuchs, Martin wrote:

Hi !

Does anyone use Exchange-WebServices with squid ?
We have it up and running with squid 3.1.19 under freebsd with the following config-options, but it takes very long to establish the first connection.
When directly natting ews it's much faster.


https_port xxx.xxx.xxx.xxx:443 accel cert=/usr/local/etc/squid/4f50b44b67bf9.crt key=/usr/local/etc/squid/4f50b44b67bf9.key defaultsite=g1.xxx.de
cache_peer yyy.yyy.yyy.yyy parent 443 0 proxy-only no-query originserver login=PASS connection-auth=on ssl sslflags=DONT_VERIFY_PEER front-end-https=on name=OWA_HOST_pfs
acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/owa.*$
acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/exchange.*$
acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/public.*$
acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/exchweb.*$
acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/ecp.*$
acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/OAB.*$
acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/Microsoft-Server-ActiveSync.*$
acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/rpc/rpcproxy.dll.*$
acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/rpcwithcert/rpcproxy.dll.*$


As opposed to the faster method:

  acl HTTPS proto HTTPS
  acl OWA dstdomain g1.xxx.de

  cache_peer_access OWA_HOST_pfs allow HTTPS OWA
  http_access allow HTTPS OWA
If you really must enumerate all the individual services for some reason, use urlpath_regex like so: 

  acl OWA dstdomain g1.xxx.de
  acl OWA dstdomain g1.xxx.de

  acl OWA_pfs url_regex -i ^/owa ^/exchange ^/public

  ... etc.

  cache_peer_access OWA_HOST_pfs allow HTTPS OWA OWA_pfs
  http_access allow HTTPS OWA OWA_pfs


ignore_expect_100 on
acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/EWS.*$
cache_peer_access OWA_HOST_pfs allow OWA_URI_pfs
cache_peer_access OWA_HOST_pfs deny allsrc
never_direct allow OWA_URI_pfs
http_access allow OWA_URI_pfs

in the access.log we get the following errors

1331048055.562      6 207.46.14.63 TCP_MISS/401 312 POST https://g1.xxx.de/EWS/Exchange.asmx - FIRST_UP_PARENT/OWA_HOST_pfs -
1331048055.929      6 207.46.14.63 TCP_MISS/401 705 POST https://g1.xxx.de/EWS/Exchange.asmx - FIRST_UP_PARENT/OWA_HOST_pfs -
1331048056.186    138 207.46.14.63 TCP_MISS/200 1422 POST https://g1.xxx.de/EWS/Exchange.asmx - PINNED/OWA_HOST_pfs text/xml

Does anyone have any experiences or ideas ?
ignore_expect_100 could be the reason. Exchange tries to use Expect:100-continue feature sometimes. Your browser may be timing out before it sends POST'd data.
Although that said, the above POST look to be part of an NTLM handshake and only taking 150ms. 

Amos
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux