Re: Squid/Cisco trans proxy from Marc Lucke on 2000-01-25 (squid-users)

From: Marc Lucke <hohum@dont-contact.us>
Date: Wed, 26 Jan 2000 11:22:25 +1100

I am running Rehat Linux 6. Is this known to work with the Cisco/Squid
trans proxy? Is a recompilation of the kernel with different options
necessary? (I have read that it shouldn't be & if it were, then why does it
still work with most clients?)

> From: "hohum@sydney.cc" <hohum@sydney.cc>
> Reply-To: hohum@sydney.cc
> Date: Tue, 25 Jan 2000 17:27:36 -0500
> To: "hno@hem.passagen.se" <hno@hem.passagen.se>, "info@talent.com.au"
> <info@talent.com.au>, "squid-users@ircache.net" <squid-users@ircache.net>
> Subject: Re: Re: Squid/Cisco trans proxy
> Resent-From: squid-users@ircache.net
> Resent-Date: Tue, 25 Jan 2000 14:27:22 -0800 (PST)
>
> Thanks Henrik,
>
> Did you see my later message? I have completed a tcpdump & found out that
> what is happening is that the router is sending an ICMP redirect to the client
> to go to our proxy & the proxy is sending an ICMP redirect to the client to go
> to our router - it gets caught in a loop & goes nowhere.
>
> Yes, if the client specifies using a proxy (cascading or not) it works.
>
> Path MTU discovery is on on my Linux box but as per above, I dodn't think this
> is the problem.
>
> In Linux, I have tried:
>
> echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
>
> with no effect. I have also tried ...conf/all/send_redirects with no effect.
>
> The way I read this is that Redhat Linux is telling the remote router - 'hey,
> go to the source' whilst I want it to say 'ah, a www packet - I'd better grab
> that!
>
> Why do I seem to be the only one having this problem? Have I missed something
> perhaps?
>
>
> Cheers,
> Marc
>
>
> Original Message:
>
> -----------------
> Marc Lucke wrote:
>
>> Trans proxy works fine when I use a route map on IOS 11.2 for most except
>> those people via a remote router & I just cannot figure out why.
>
> Maybe the router silently drops too large packets without fragmenting
> them...
>
> Some test to narrow it down:
>
> Does it work if the user configures their browsers to use your cache as
> a proxy (or as a parent proxy if they have a local proxy/cache)?
>
> If not, does it work if you also enable Path MTU discovery on the proxy?
>
> --
> Henrik Nordstrom
> Squid hacker
>
>
>
>
>
> -------------------------------------------------------------------
> This message has been posted from Mail2Web http://www.mail2web.com/
> Web Hosting for $9.95 per month! Visit: http://www.yourhosting.com/
> -------------------------------------------------------------------
>
Received on Tue Jan 25 2000 - 17:21:25 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:42 MST