Hi All, I have run into a problem with not being able to access a few specific things on the web when running through our local proxy. Some details: * The current setup is a Linux box running squid 3.1.19. * This is being run behind a pfsense box that is load balancing our two internet connections * Both internet connections are behind the same proxy (we are actually on a private network), which is set as the parent for our internal proxy * Squid is running in intercept mode With this setup, most things work as expected; I can visit web pages, watch youtube videos, upload attachments to gmail. However, some things are not working. The easiest example is speedtest.net. I can run the download test, but the upload test always fails. Trying to watch content on tvnz.co.nz (on demand content) does not work either. When running traffic without our internal proxy (ie direct to the parent) everything works fine. I'm stuck and can't find any solutions. Here is what I have tried so far: * First, I was hoping to run squid on the pfsense box, but ran into similar problems, so I tried to isolate the problem by putting in the Linux box. (never a bad idea to be running more recent version of squid either, it may be needed shortly for some of the newer features anyway) * Instead of running my full squid.conf, I am using the default squid.conf with just the extra line to access the parent (cache_peer 10.55.240.250 parent 3128 3130 no-query default login=PASS) * I've read bits and pieces about similar problems dealing with sysctl and some ipv4 settings. None of this seemed to apply, and what I did try didn't work. * Checking on the specific web pages in firefox using firebug and I can see some 504 errors (seemingly only on POST) - this lead me to check the logs for POST with 504 errors (see logs below) * Checked the problem in IE, Chrome and Firefox * Lots of googleing and reading of squid documentation Here is what is showing in the squid logs where there is a 504 with a POST, you'll notice that most are for the local speedtest.net testing. I figured not much point finding lots of sites when just a few are causing problems. 1342030821.058 59542 10.161.128.34 TCP_MISS/504 4301 POST http://speedtest.worldnet.co.nz/speedtest.net/speedtest/upload.php? - DIRECT/202.169.192.58 text/html 1342030821.058 59536 10.161.128.34 TCP_MISS/504 4300 POST http://speedtest.worldnet.co.nz/speedtest.net/speedtest/upload.php? - DIRECT/202.169.192.58 text/html 1342039010.134 60806 10.161.128.34 TCP_MISS/504 4285 POST http://rt1403.infolinks.com/action/doq.htm? - DIRECT/64.71.153.213 text/html 1342039947.624 59642 10.161.128.34 TCP_MISS/504 4834 POST http://c.brightcove.com/services/messagebroker/amf? - DIRECT/8.19.200.152 text/html 1342040562.565 61340 10.161.128.34 TCP_MISS/504 4469 POST http://2975c.v.fwmrm.net/ad/p/1? - DIRECT/75.98.70.31 text/html 1342040573.047 59531 10.161.128.34 TCP_MISS/504 4834 POST http://c.brightcove.com/services/messagebroker/amf? - DIRECT/8.19.200.152 text/html 1342040679.001 59688 10.161.128.34 TCP_MISS/504 4838 POST http://c.brightcove.com/services/messagebroker/amf? - DIRECT/64.152.208.202 text/html 1342040700.694 59871 10.161.128.34 TCP_MISS/504 4469 POST http://2975c.v.fwmrm.net/ad/p/1? - DIRECT/75.98.70.31 text/html 1342040742.908 60168 10.161.128.34 TCP_MISS/504 4295 POST http://speedtest.orcon.net.nz/speedtest/upload.php? - DIRECT/219.88.241.70 text/html 1342040742.908 60162 10.161.128.34 TCP_MISS/504 4296 POST http://speedtest.orcon.net.nz/speedtest/upload.php? - DIRECT/219.88.241.70 text/html 1342042640.381 60407 10.161.128.34 TCP_MISS/504 4295 POST http://speedtest.orcon.net.nz/speedtest/upload.php? - DIRECT/219.88.241.70 text/html 1342042640.381 60026 10.161.128.34 TCP_MISS/504 4297 POST http://speedtest.orcon.net.nz/speedtest/upload.php? - DIRECT/219.88.241.70 text/html 1342042921.326 60879 10.161.128.34 TCP_MISS/504 4831 POST http://c.brightcove.com/services/messagebroker/amf? - DIRECT/64.152.208.202 text/html Any suggestions about getting the rest of the web up running through our local squid would be most appreciated. Cheers, Ben
