Search squid archive

Re: Exchange 2010 and 502 Bad Gateway

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 8/23/2013 2:33 AM, Amos Jeffries wrote:

On 23/08/2013 8:18 p.m., Bill Houle wrote:
For the next in my continuing Exchange saga, let's talk 502 errors. I've got a couple different instances.
1) ActiveSync sends periodic 'Ping' requests to implement its "server push" feature.
potential problem #1: what type of keep-alive request? the old HTTP/1.0 "Keep-Alive:" header is deprecated, not supported by Squid and does not actually work most places anyway. 

Requests are HTTP 1.1 style.
It uses a back-off algorithm to eventually settle on a timing value that it knows the network can support:
potential problem #2: are they using HTTP/1.1 1xx status codes from the server as this sync ping or HTTP/1.0 simple request/reply pairs?
Keeping in mind that this is Microsoft after all, no, it looks like they do not do much handling of the status codes. Either a 200 OK is received and it keeps listening, or all others trigger a sync and a timing adjustment.
Squid older than 3.2 do not support the 1xx status response. So is there any HTTP/1.0 software along the network path? (including Squid up to version 3.1). 

Not in this case, but to your point, this is not a guarantee for all cases.
This is where we come back to the whole design of this being a terrible way to operate. 

Oh well.

But enough about ActiveSync...
2) Next problem is OWA (WebMail). OWA is designed to mimic Outlook, so if Outlook can support 10Meg attachments, so can OWA. A user tries to send a large attachment...
When I raised this issue, it was basically a repeat of a similar question posted on this list last year: 

http://www.squid-cache.org/mail-archive/squid-users/201209/0272.html
The answer at the time was the expected "Squid doesn't care about size". And it doesn't. But there was never an actual resolution from the standpoint of making Exchange work properly. In case anyone else is interested in the solution, I have to thank kiphat@singleuser. He broke out wireshark and discovered that SSL 2.0 key negotiation was breaking the connection. 

http://singleuser.blogspot.com/2013/05/exchange-owaoutlook-anywhere-proxy-with.html?m=1
When SSL 3.0 was forced on the Squid cache_peer, all was right with the world. We made the same change and now appear to be in a similar state of nirvana. 

--bill
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux