Re: [squid-users] (104) Connection reset by peer GET or POST

Hi

NOTE:
This list appears to reply to the original sender rather than the list.

I have been getting the same problem on my caching server when dowloading
large files, like WinXP's SP1 ~44MB or other large files.

The machine I was testing from has a 1.5Mbps ADSL, on a P4-1.5GHz with 1GB of
RAM. The server is on a T3 and has a PIII-650MHz with 768MB Ram an 18GB drive
for the RedHat 7.3 OS and squids logs plus 4 9GB drives for squid's cache.

I am using WCCP with a Cisco 3600 for "transparent" proxying.

If anyone has suggetions on how I could improve my configuration to give me
better performance I would appreciate that as well.

Here are my details.

Squids squid.conf file
Note IP's and domain names have been obscured
### CUT ###
http_port 3128
icp_port 3130
tcp_outgoing_address 255.255.255.255
udp_incoming_address 0.0.0.0
udp_outgoing_address 255.255.255.255
hierarchy_stoplist cgi-bin ?
hierarchy_stoplist hotmail.com
hierarchy_stoplist ifriends.net
hierarchy_stoplist updates.compu-quote.com
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 384 MB
cache_swap_low 98
cache_swap_high 99
maximum_object_size 64 MB
minimum_object_size 1 KB
maximum_object_size_in_memory 128 KB
ipcache_size 8192
ipcache_low 96
ipcache_high 98
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA
cache_dir ufs /var/cache/squid 8105 16 256
cache_dir ufs /var/cache/squi2 8105 16 256
cache_dir ufs /var/cache/squi3 8178 16 256
cache_dir ufs /var/cache/squi4 8178 16 256
cache_store_log none
ftp_user nobody@domain.name
ftp_list_width 75
ftp_passive on
ftp_sanitycheck off
dns_retransmit_interval 1 seconds
dns_timeout 2 minutes
redirect_rewrites_host_header off
request_header_max_size 16 KB
request_body_max_size 0
half_closed_clients off
ident_timeout 1 seconds
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl ourzone src 26.7.23.0/255.255.255.0
acl snmpzone src 18.11.9.12
acl domain srcdomain domain.name
acl edmdialup src 27.3.5.0/255.255.255.0
acl snmppublic snmp_community VerySecret:)
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
http_access allow manager localhost
http_access allow manager ourzone
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow all
http_access deny all
icp_access allow ourzone
cache_mgr superbeing
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
append_domain .domain.name
cachemgr_passwd YahRight all
acl banks dstdomain .businessbanking.cibc.com
always_direct allow banks
snmp_port 3401
snmp_access allow snmppublic localhost
snmp_access allow snmppublic snmpzone
snmp_access deny all
wccp_router 26.7.23.1
uri_whitespace allow
ie_refresh on
### CUT ###

Clipping from my "Firewall" configuration.
### CUT ###
-A input -s 0.0.0.0/0.0.0.0 -d 26.7.23.2 3128:3128 -p 6 -j ACCEPT -y
-A input -s 0.0.0.0/0.0.0.0 -d 26.7.23.2 80:80 -p 6 -j ACCEPT -y
-A input -s 0.0.0.0/0.0.0.0 -d 26.7.23.2 8080:8080 -p 6 -j DENY -y
-A input -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 80:80 -p 6 -j REDIRECT 3128
-A input -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 8080:8080 -p 6 -j REDIRECT 3128
-A input -s 26.7.23.0/255.255.255.0 -d 26.7.23.2 3130:3130 -p 17 -j ACCEPT
-A input -s 0.0.0.0/0.0.0.0 -d 26.7.23.2 3130:3130 -p 17 -j DENY
-A input -s 0.0.0.0/0.0.0.0 2048:2048 -d 0.0.0.0/0.0.0.0 2048:2048 -p 17 -j ACCEPT
-A input -s 18.11.9.12 -d 26.7.23.2 3401:3401 -p 17 -j ACCEPT
-A input -s 0.0.0.0/0.0.0.0 -d 26.7.23.2 88:88 -p 6 -j ACCEPT -y
-A input -s 0.0.0.0/0.0.0.0 -d 26.7.23.2 443:443 -p 6 -j ACCEPT -y
### CUT ###

Max Erixon wrote:
> Aloha!
>
> I have a problem. We have developed a web application which is hosted on two
> domains (actually, also two hosting companies).
>
> Quite often the client receive the following error:
>
> ERROR
> The requested URL could not be retrieved
>
> -----------------------------------------------------------------
>
> While trying to retrieve the URL:
> http://www.xxxxxx.com/nbs20/asp/register/ipc.asp?
>
> The following error was encountered:
>
> Read Error
> The system returned:
>
> (104) Connection reset by peer
> An error condition occurred while reading data from the network. Please
> retry your request.
>
> Your cache administrator is support@xxxxx.com.
>
>
>
> -----------------------------------------------------------------

...snip...
>
> Regards,
> Max.
>
>
Received on Mon Sep 16 2002 - 11:56:29 MDT