I have a problem that I cant seem to figure out, hopefully somone can help.
I have a single proxy server which does not cache and all users are forced to
go through for internet access. A few users have to download msword, excel and
other random files from several remote webservers (different networks,
operating systems, basically nothing in common remotely). It seems that when
users download txt files there is not a problem but when downloading a msword doc
(or other) it takes 15 minutes to completet the action. The files are not large, under 100kb, so it is like the download does not start for 15 minutes. It is always the same time so I
looked for this value in the squid.conf and found read_timeout. Changing this
from default 15 minutes to 1 minutes allowed the docs to download in 1 min. I thought I was on to
something, but there really must be a better way. I looked at the mime.conf
thinking maybe it was something there but all looks good and in the logs squid is logging the proper mime type.
If users are configured to by pass the proxy all works fine. All web browsing other than the above actions works fine. The load on the proxy server is not an issues, average 0.00 most of the time, as there is only 2 dozen users and the hardware is way overkill.
We only allow access to a list of sites included in a file (80 or so). Here is
our base config:
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl internal src xxx.xxx.0.0/255.255.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl internal_ip dst xxx.0.0.0/8
acl dmz_ip dst xxx.xxx0.0/16
acl allowed_sites dstdomain "/usr/local/squid/etc/goodsites.txt"
acl all_others dst 0.0.0.0/0.0.0.0
http_access allow internal_ip
http_access allow allowed_sites
http_access allow dmz_ip
http_access deny all_others
I also changed read_timeout to:
read_timeout 1 minutes
Does anyone have any insight on why the file view or download would take so long and wait for that timeout? Any way of changing this? Thanks in advance for any help.
Adam
Received on Thu Feb 10 2005 - 12:44:38 MST
This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST