Richi Plana wrote:
> This has been consistent in ALL of our installations and we've used
> different Cisco routers (7200's, 2500's, etc.) and different CIOS versions
> (11.3.x, 12.0.x). We've followed the FAQ and Installation guide to the
> letter. There has to be someone else who's experienced this. Are we doing
> something wrong or is there really a problem with Squid?
If it works when you configure the browser to use Squid as a proxy, then
there is a problem with how traffic is redirected to Squid.
If Squid stops to function as a proxy when you install the redirection
then there is for sure a problem with your redirection rules (probably
redirecting Squid back on itself)
What setup are you currently trying?
Are you using a plain port policy route, or something fancier?
What is the smallest Path MTU used in the path from Squid to the
browser?
Plain port policy routing will mess up Path MTU discovery. Try disabling
MTU discovery on the proxy by running "echo 1
>/proc/sys/net/ipv4/ip_no_pmtu_disc", or by configururing the client side network interface to use a very small MTU.
If disabling MTU discovery does help, then use that as a temporary
solution. However, I do not recommend using it as a permanent solution
to the problem. The permanent fix is to make sure the relevan ICMP
"destination unreachable" messages is redirected properly to the cache
server, and not only TCP port 80.
-- Henrik Nordstrom Squid hackerReceived on Mon Feb 07 2000 - 14:05:15 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:51:00 MST