I thought I would share my experience of the seemingly obscure cause of this
symptom.... as I can't believe that I am the only person who has had this
problem...
After comparing packet traces just using the bare telnet client from Linux
to working and non-working sites, I found that the problem seemed to be
linked to tcp_timestamps support:
It seems that (my installation of) Linux 7.x has tcp_timestamps enabled and
present in the outgoing SYN. Those sites which were having problems were
responding with tcp_timestamps also present in the SYN/ACK TCP options, but
there was must have been something about these which caused Linux to
immediately send RST and start over again. Responding sites which didn't
include tcp_timestamps in the options completed handshaking and continued as
normal.
When I set net.ipv4.tcp_timestamps = 0, the problem went away...(while I was
there, and after it was working, I switched off tcp_window_scaling and
tcp_sack just in case)
I understand nothing, but it works now.
If anyone can shed some light on what might be going on here, I would read
with interest...
Regards
Phil DG
-----Original Message-----
From: Damian-Grint, Philip [mailto:pdamian-grint@collierscre.co.uk]
Sent: 20 May 2002 23:59
To: Squid-Users (E-mail)
Subject: [squid-users] 110 Timeouts
Hello,
Perhaps this is one of those obvious newbie things that everyone gets when
they start with Squid, but it seems that however I build my Squid server, I
consistently get a number of (the same) sites which are unaccessible
(response 110 timed out connection), but come up ok when I go direct... most
sites are not a problem. Occasionally, one or two of these might come up
after a long wait...
Here are some examples of inaccessible urls:
http://uk.greetings.yahoo.com
http://www.baa.co.uk
http://www.canon.co.uk
http://www.gnupg.org
http://www.marasystems.com
yet for each of these there are many sites which have no problem at all...
sometimes (apparently) even part of the same site for which I have problems
in other parts of the site... e.g. www.bbc.co.uk/weather is fine, but
www.bbc.co.uk/news or www.bbc.co.uk/sport will always time out (I think they
both redirect to news.bbc.co.uk)
Linux 7.2, Latest STABLE6 tarball, behind a transparent (Guardian) firewall
with all outbound ports open for the squid server
Is there something about the way these sites behave that I'm not handling
properly... is there some specific information which would help further?
Thankyou
Phil DG
________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________
________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________
Received on Tue May 21 2002 - 08:43:00 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:10 MST