Search squid archive

Re: TCP_TUNNEL/500 in squid logs in squid 5.9

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi

Further discussion happened on https://bugs.squid-cache.org/show_bug.cgi?id=5274 and has more details.

But yes, the issue is the same for a connection just from squid logs: how to know if a request has passed or failed.

Regards
Sachin

On Mon, Jun 12, 2023 at 1:51 PM <ngtech1ltd@xxxxxxxxx> wrote:
Hey Sachin,

What's the issue?
That the logs don't reflect the reality?

Thanks,
Eliezer


From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of sachin gupta
Sent: Thursday, May 25, 2023 18:21
To: squid-users@xxxxxxxxxxxxxxxxxxxxx
Subject: TCP_TUNNEL/500 in squid logs in squid 5.9

Hi All

We are migrating for squid 4.15 to squid 5.9. We are running our existing test suite to check if we pass our sanity testing.

For requests in transparent mode, though request passes and client get 200, in squid logs we are getting TCP_TUNNEL/500. We were not getting this issue with squid 4.15.

Client logs

curl -v https://origin/cache/0
*   Trying 10.80.96.68:443...
* TCP_NODELAY set
* Connected to origin (10.80.96.68) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=US; ST=CA; L=SF; O=SFDC; OU=0:ns.tester;1:mvp;2:mist51;3:na44;4:dev1; CN=origin
*  start date: Jul 26 06:59:41 2022 GMT
*  expire date: Jul 26 06:59:41 2023 GMT
*  subjectAltName: host "origin" matched cert's "origin"
*  issuer: C=US; ST=CA; L=SF; O=SFDC; OU=Edge; CN=ca
*  SSL certificate verify ok.
> GET /cache/0 HTTP/1.1
> Host: origin
> User-Agent: curl/7.67.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Server: origin
< Date: Thu, 25 May 2023 15:08:57 GMT
< Connection: close
< Content-Type: application/json
< Content-Length: 162
< Cache-Control: public, max-age=0
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Credentials: true
<
{"args":{},"headers":{"Accept":"*/*","Host":"origin","User-Agent":"curl/7.67.0","X-Origin-Server":"origin"},"origin":"10.80.96.3","url":"https://origin/cache/0"}
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, close notify (256):

Squid access logs

[25/May/2023:15:08:57]      31 http://10.80.96.6:51028 - NONE_NONE/000 0 CONNECT http://10.80.96.68:443 tester HIER_NONE/- - - tester 746573746572 dagobah [-] - [-] - [-] - 0 0 - - [origin]
[25/May/2023:15:08:57]     40 http://10.80.96.6:51028 - TCP_TUNNEL/500 800 CONNECT origin:443 tester HIER_DIRECT/origin 10.80.96.68 - tester 746573746572 dagobah [-] - [-] - [-] - 1969 2769 4 33 [origin]

Can someone please help in this.

Regards
Sachin

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux