On 3/8/07, Henrik Nordstrom <henrik@henriknordstrom.net> wrote:
> tor 2007-03-08 klockan 18:46 -0500 skrev Chris Nighswonger:
>
> > It can. The default page will not load with squid in-line. No errors
> > at all in access.log. The browser just hangs. This happens after squid
> > forwards an HTTP 1.0 packet. The entire packet exchange dies at this
> > point. With squid out of line, the same packe is HTTP 1.1 and the page
> > loads right up.
>
> That smells more like a tcp windows issue than an HTTP/1.1 issue..
ok
> If on Linux try the following workaround:
>
> echo 0 >/proc/sys/net/ipv4/tcp_window_scaling
>
> this works around quite many broken firewalls not coping well with
> window scaling, but significantly scarifies performance over long
> distance connections (measured in RTT * bandwidth, not miles)...
I can try this tomorrow.
> For what it's worth I had no problem loading the start page using
> Firefox via Squid-2.
Up untill a week or so ago, I had no problems with Firefox/Squid-2 either... :(
> Testing.. Ah, yes. There is a broken firewall at this site crashing
> window scaling..
>
> http://wiki.squid-cache.org/SquidFaq/SystemWeirdnesses?highlight=%28window%29%7C%28scaling%29#head-699d810035c099c8b4bff21e12bb365438a21027
>
> Someone should contact the site operators explaining the problem to
> them..
I read the info at the link above. Are you suggesting that the issue
is a broken firewall on ncsecu.org? If that is the issue, I'll have a
chat with them.
Thanks again,
Chris
Received on Thu Mar 08 2007 - 17:13:53 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 31 2007 - 13:00:01 MDT