El 16/09/13 18:35, John McGowan escribió:
Hi,
First, a brief background: I'm using squid as a non caching proxy
server within Amazon AWS to serve as a common place for my web
applications to make API requests to third parties. This is because
many of the 3rd parties I connect to have private API servers that use
a firewall to lock down where requests can be made from. The requests
are typically coming from PHP/curl, and I've simply added proxy
configuration to the curl options and everything works as it should.
Most of the time.
I probably wouldn't have noticed this problem under normal usage. The
other day I needed to make a script that tested connectivity to 100+
of these 3rd party (private) api servers to make sure that they all
have their firewalls configured properly. I noticed during these
tests that a few of them randomly fail when I run the test. This was
when I was running the test from the app servers behind the proxy, so
to narrow things down I decided to run the same PHP testing script
from the actual proxy server using localhost:3128 as the proxy
address. With that setup I get the same result. *Some* of the
servers I'm testing a connection to fail *some* of the time. This
type of failure seems to happen after about 3 seconds, regardless of
what I set the curl timeouts to.
To try to narrow things down even further I decided to modify the
script running on the proxy server to not use the proxy server at all.
When I do that, everything passes 100% of the time.
So, I know that there is some sort of problem when I get squid
involved, and I'm suspecting that the problem is more than likely due
to something on the other end not playing nice with a proxy server
(occasionally).
However, I know that it's going to be next to impossible to get the
people that control these various API servers to track down some issue
that doesn't play nice with my proxy server, especially when I know it
works without the proxy involved.
Note, we're always using https to make these connections.
Can anybody with more squid experience think of a configuration
problem on my end of things that might be causing my proxy to be less
tolerant of a quirky server at the other end, or possibly with
something between my proxy and the server?
I'm happy to provide my simple configuration for squid if that helps.
squid defaults connect_retries to 0
try setting it to something and see if the 503 errors frequency are
lower with this.