Re: Forwarded-> port scan attack from your system (fwd)

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 31 Aug 2000 02:26:14 +0200

Martin Pool wrote:

> It may not actually be Squid that is retrying, but rather the TCP/IP
> stack. This behaviour can occur even if Squid only makes a single
> connect(2) call.

Nope. The local port does not change on the retransmissions done by the
TCP/IP stack. The local port gets bound as soon as the connect starts.

> If the site has blackholed packets from that port so that it responds
> with neither a SYN ACK nor an RST, then the operating system will
> retransmit the SYN several times, thinking that it may have got lost
> in the network. This is fine, normal, and in compliance with the
> standards. It is neither a SYN flood nor a port scan.

In this case the system rejects connection attempts with either RST or
ICMP PORT UNAVAILABLE. In that case Squid fires a short storm of
connections.

Squid has a quite dumb retrial mechanism that tries to find a path for
the request up to 10 times. If there is only one IP address then it will
go to the same IP all 10 times. If the server has two IPs then it
round-robins between them. If there are peers involved then a few
attempts are sent to the peers.

--
Henrik Nordstrom
Squid hacker
Received on Wed Aug 30 2000 - 18:26:03 MDT
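The distinction drawn in this thread (a kernel SYN retransmit reuses the same local port, an application that calls connect(2) again gets a fresh ephemeral port, and a real port scan spreads over many destination ports) is exactly what a defender needs to separate a proxy's retry burst from hostile traffic in firewall logs. The following is an added example, not code from the thread or from the Squid project; it assumes an iptables/netfilter-style LOG line format with SRC/DST/SPT/DPT fields, uses constructed sample lines, and the thresholds (5 destination ports for a scan, 3 attempts for a burst) are arbitrary assumptions to tune locally.

```python
"""Classify SYN bursts in firewall logs: kernel retransmit, application
reconnect burst (Squid-style retrial), or port scan."""
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in an assumed netfilter LOG format; not real traffic.
SAMPLE_LOG = """\
Aug 30 18:26:01 fw kernel: IN=eth0 SRC=10.0.0.5 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=80 SYN
Aug 30 18:26:04 fw kernel: IN=eth0 SRC=10.0.0.5 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=80 SYN
Aug 30 18:26:10 fw kernel: IN=eth0 SRC=10.0.0.5 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=80 SYN
Aug 30 18:26:20 fw kernel: IN=eth0 SRC=10.0.0.6 DST=192.0.2.20 PROTO=TCP SPT=40010 DPT=80 SYN
Aug 30 18:26:20 fw kernel: IN=eth0 SRC=10.0.0.6 DST=192.0.2.21 PROTO=TCP SPT=40011 DPT=80 SYN
Aug 30 18:26:20 fw kernel: IN=eth0 SRC=10.0.0.6 DST=192.0.2.20 PROTO=TCP SPT=40012 DPT=80 SYN
Aug 30 18:26:20 fw kernel: IN=eth0 SRC=10.0.0.6 DST=192.0.2.21 PROTO=TCP SPT=40013 DPT=80 SYN
Aug 30 18:26:20 fw kernel: IN=eth0 SRC=10.0.0.6 DST=192.0.2.20 PROTO=TCP SPT=40014 DPT=80 SYN
Aug 30 18:26:21 fw kernel: IN=eth0 SRC=10.0.0.6 DST=192.0.2.21 PROTO=TCP SPT=40015 DPT=80 SYN
Aug 30 18:26:21 fw kernel: IN=eth0 SRC=10.0.0.6 DST=192.0.2.20 PROTO=TCP SPT=40016 DPT=80 SYN
Aug 30 18:26:21 fw kernel: IN=eth0 SRC=10.0.0.6 DST=192.0.2.21 PROTO=TCP SPT=40017 DPT=80 SYN
Aug 30 18:26:21 fw kernel: IN=eth0 SRC=10.0.0.6 DST=192.0.2.20 PROTO=TCP SPT=40018 DPT=80 SYN
Aug 30 18:26:21 fw kernel: IN=eth0 SRC=10.0.0.6 DST=192.0.2.21 PROTO=TCP SPT=40019 DPT=80 SYN
Aug 30 18:26:30 fw kernel: IN=eth0 SRC=10.0.0.7 DST=192.0.2.30 PROTO=TCP SPT=50001 DPT=21 SYN
Aug 30 18:26:30 fw kernel: IN=eth0 SRC=10.0.0.7 DST=192.0.2.30 PROTO=TCP SPT=50002 DPT=22 SYN
Aug 30 18:26:30 fw kernel: IN=eth0 SRC=10.0.0.7 DST=192.0.2.30 PROTO=TCP SPT=50003 DPT=23 SYN
Aug 30 18:26:31 fw kernel: IN=eth0 SRC=10.0.0.7 DST=192.0.2.30 PROTO=TCP SPT=50004 DPT=25 SYN
Aug 30 18:26:31 fw kernel: IN=eth0 SRC=10.0.0.7 DST=192.0.2.30 PROTO=TCP SPT=50005 DPT=443 SYN
"""

# Assumed field layout: syslog timestamp, then SRC/DST/SPT/DPT pairs, then SYN.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) .*?"
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) .*?SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+) SYN"
)


def parse_line(line):
    """Return one SYN event as a dict, or None if the line does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {
        "ts": datetime.strptime(m.group("ts"), "%b %d %H:%M:%S"),
        "src": m.group("src"),
        "dst": m.group("dst"),
        "spt": int(m.group("spt")),
        "dpt": int(m.group("dpt")),
    }


def group_by_source(events):
    """Bucket SYN events by the address that sent them."""
    by_src = defaultdict(list)
    for e in events:
        by_src[e["src"]].append(e)
    return by_src


def classify(events, scan_ports=5, burst_attempts=3):
    """Label one source's SYNs using the local-port observation from the thread:
    the TCP stack keeps the same local port across retransmits, while a fresh
    connect(2) binds a new one; a scan is recognised by destination-port spread."""
    dpts = {e["dpt"] for e in events}
    spts = {e["spt"] for e in events}
    targets = {(e["dst"], e["dpt"]) for e in events}
    if len(dpts) >= scan_ports:
        return "port scan"
    if len(events) == 1:
        return "single connection"
    if len(spts) == 1:
        return "kernel SYN retransmit"
    if len(events) >= burst_attempts and len(targets) <= 2:
        # Many local ports, one or two targets (e.g. round-robin over two IPs).
        return "application reconnect burst"
    return "normal traffic"


def analyze(log_text):
    """Map each source address to (label, attempt count, window in seconds)."""
    events = [e for e in (parse_line(l) for l in log_text.splitlines()) if e]
    result = {}
    for src, evs in group_by_source(events).items():
        stamps = [e["ts"] for e in evs]
        window = (max(stamps) - min(stamps)).total_seconds()
        result[src] = (classify(evs), len(evs), window)
    return result


if __name__ == "__main__":
    for src, (label, n, secs) in analyze(SAMPLE_LOG).items():
        print(f"{src}: {label} ({n} SYNs over {secs:.0f}s)")
```

On the sample, 10.0.0.5 is the stack retransmitting from one local port, 10.0.0.6 matches the ten-attempt, two-address round-robin pattern described above, and 10.0.0.7 is the only source that actually walks destination ports. In production you would key on (SRC, DST) pairs and a sliding time window rather than the whole file, but the distinguishing feature stays the same: count distinct local ports against distinct destination ports.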
