On 24.09.2012 10:04, Socrates K wrote:
Hi,
I’m trying to configure squid 3.2.1 as a reverse proxy for outlook
web
access on exchange 2010.
Although it seems to work OK I have a strange situation.
When I try to attach a file that is less than 2MB the file is
attached and
everything is OK, but, when the attachment is more than 2Mb then is
tries
some time (too long related to file size) and finally stops with
outlook web
access error (The action you tried to perform couldn't be completed
because
there's a configuration problem on the server. If the problem
continues,
contact your helpdesk.)
Any idea on how to resolve this issue?
Thank you in advance,
squid access.log records the following:
1348435931.778 17 10.49.74.151 TCP_MISS/200 793 POST
https://webmail.domain.com/owa/ev.owa? - SOURCEHASH_PARENT/10.10.8.10
text/html
1348436085.662 153442 10.49.74.151 TCP_MISS/502 4763 POST
https://webmail.domain.com/owa/ev.Owa? - SOURCEHASH_PARENT/10.10.8.10
text/html
1348436160.678 5 10.49.74.151 TCP_MISS/200 487 GET
https://webmail.domain.com/owa/csdc.gif? -
SOURCEHASH_PARENT/10.10.8.10
image/gif
1348436197.992 66 10.49.74.151 TCP_MISS/200 422 GET
https://webmail.domain.com/owa/keepalive.owa -
SOURCEHASH_PARENT/10.10.8.10 -
1348436200.207 320018 10.49.74.151 TCP_MISS/200 1743 GET
https://webmail.domain.com/owa/ev.owa? - SOURCEHASH_PARENT/10.10.8.10
text/html
1348436200.251 5 10.49.74.151 TCP_MISS/200 655 POST
https://webmail.domain.com/owa/ev.owa? - SOURCEHASH_PARENT/10.10.8.10
text/html
1348436231.214 5 10.49.74.151 TCP_MISS/200 487 GET
https://webmail.domain.com/owa/csdc.gif? -
SOURCEHASH_PARENT/10.10.8.10
image/gif
1348436240.893 154540 10.49.74.151 TCP_MISS/502 4763 POST
https://webmail.domain.com/owa/ev.Owa? - SOURCEHASH_PARENT/10.10.8.10
text/html
1348436241.106 9 10.49.74.151 TCP_MISS/200 705 POST
https://webmail.domain.com/owa/ev.owa? - SOURCEHASH_PARENT/10.10.8.10
text/html
squid.conf file
<snip>
ignore_expect_100 on
ignore_expect_100 is obsolete in Squid-3.2.
ssl_unclean_shutdown on
debug_options 11,4
Since you are recording the full HTTP traffic headers. Do you see those
502 being received from the server? or is something else happening and
being translated into 502 by Squid?
https_port webmail.domain.com:443 accel
cert=/etc/squid/cert/CA_Cert.pem
key=/etc/squid/cert/CA_Cert.pem defaultsite=webmail.domain.com
cache_peer 10.10.8.10 parent 443 0 no-query proxy-only no-digest
front-end-https=on connection-auth=on sourcehash originserver
login=PASS ssl
sslcafile=/etc/squid/cert/inner.pem ssl ssldomain=*.inner.domain.com
sslflags=DONT_VERIFY_PEER name=autodiscoverServer
forceddomain=webmail.domain.com
NP: you only have one cache_peer. Doing a sourcehash selection on it is
meaningless extra work for Squid.
Squid does not have anything to do with object sizes on the wire. It is
all just opaque bytes flowing through.
Amos
