Search squid archive

Squid TCP_TUNNEL_ABORTED/200

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi everyone,

I'm having a issue with Squid Cache 4.10 which I cannot fix for weeks now and kinda lost at the moment. I will be appreciated if someone can guide me through the issue I'm having.
I need to create a IPv6 HTTP proxy which should match the entry address to outgoing TCP address. For example, if user is connecting from fe80:abcd::1 it should exit the HTTP proxy from the same address. We got like 50k addresses like this at the moment.
The issue is, client connecting to the proxy is receiving "EOF" or "FLOW_CONTROL_ERROR" on their side. When I test connection by connecting to whatismyip.com everything works fine and entry IP always matches with outgoing IP for each of the 50k addresses. Client tells me this problem occurs both at GET and POST requests with around 10 MB of data.
I initially thought that could be related to server resources being drained but upon inspecting server resource usage, Squid isn't even topping at 100% CPU or RAM anytime so not that.

My Squid.conf is like this at the moment:

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
acl auth_users proxy_auth REQUIRED
http_access allow auth_users
http_access deny !auth_users
cache deny all
dns_nameservers <nameservers here>
dns_v4_first off
via off
forwarded_for delete
follow_x_forwarded_for deny all
server_persistent_connections off
max_filedesc 1048576
max_filedescriptors 1048576
workers 8
http_port [::0]:1182
acl binding1 myip  fe80:abcd::1
tcp_outgoing_address  fe80:abcd::1 binding1
acl binding2 myip  fe80:abcd::2
tcp_outgoing_address  fe80:abcd::2 binding2
acl binding3 myip  fe80:abcd::3
tcp_outgoing_address  fe80:abcd::3 binding3
...
...
...
access_log /var/log/squid/access.log squid
cache_store_log none
cache deny all

I've tried to get a PCAP file and realized when client tries to connect with a new IPv6 address, Squid is not trying to open a new connection instead tries to resume a previously opened one on a different outgoing IPv6 address. I set server_persistent_connections off which should have disabled this behavior but it's still the same. I tried using a newer version of Squid but it behaved differently and did not follow my outgoing address specifications and kept connecting on IPv4.

I would be appreciated if someone can help me out here.
Thank you.
Emre

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux