AW: [squid-users] https from different Subnet not working from Jarosch, Ralph on 2009-07-14 (squid-users)

From: Jarosch, Ralph <Ralph.Jarosch_at_justiz.niedersachsen.de>
Date: Wed, 15 Jul 2009 07:43:52 +0200

I found the section which rewrite the request in my cache.log.

Can someone explain what happens there.

2009/07/15 06:51:56| cbdataValid: 0x17f684f8
2009/07/15 06:51:56| redirectHandleRead: {http:/golem.de 10.39.119.9/- - CONNECT}
2009/07/15 06:51:56| cbdataValid: 0x1808d4a8
2009/07/15 06:51:56| cbdataUnlock: 0x1808d4a8
2009/07/15 06:51:56| clientRedirectDone: 'erv-justiz.niedersachsen.de:443' result=http:/golem.de
2009/07/15 06:51:56| init-ing hdr: 0x1808f160 owner: 1
2009/07/15 06:51:56| appending hdr: 0x1808f160 += 0x1808ec00
2009/07/15 06:51:56| created entry 0x17f726f0: 'User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)'
2009/07/15 06:51:56| 0x1808f160 adding entry: 50 at 0
2009/07/15 06:51:56| created entry 0x17fcc870: 'Proxy-Connection: Keep-Alive'
2009/07/15 06:51:56| 0x1808f160 adding entry: 41 at 1
2009/07/15 06:51:56| created entry 0x17fc3190: 'Content-Length: 0'
2009/07/15 06:51:56| 0x1808f160 adding entry: 14 at 2
2009/07/15 06:51:56| created entry 0x17fcbd80: 'Host: erv-justiz.niedersachsen.de'
2009/07/15 06:51:56| 0x1808f160 adding entry: 27 at 3
2009/07/15 06:51:56| created entry 0x17fcc990: 'Pragma: no-cache'
2009/07/15 06:51:56| 0x1808f160 adding entry: 37 at 4
2009/07/15 06:51:56| 0x1808f160 lookup for 37
2009/07/15 06:51:56| 0x1808f160: joining for id 37
2009/07/15 06:51:56| 0x1808f160: joined for id 37: no-cache
2009/07/15 06:51:56| 0x1808f160 lookup for 7
2009/07/15 06:51:56| 0x1808f160 lookup for 7
2009/07/15 06:51:56| 0x1808f160 lookup for 40
2009/07/15 06:51:56| 0x1808f160 lookup for 52
2009/07/15 06:51:56| clientInterpretRequestHeaders: REQ_NOCACHE = SET
2009/07/15 06:51:56| clientInterpretRequestHeaders: REQ_CACHABLE = NOT SET
2009/07/15 06:51:56| clientInterpretRequestHeaders: REQ_HIERARCHICAL = NOT SET
2009/07/15 06:51:56| clientProcessRequest: CONNECT 'http.justiz.niedersachsen.de:443'
2009/07/15 06:51:56| aclCheckFast: list: (nil)
2009/07/15 06:51:56| aclCheckFast: no matches, returning: 1
2009/07/15 06:51:56| sslStart: 'CONNECT http.justiz.niedersachsen.de:443'
2009/07/15 06:51:56| comm_open: FD 58 is a new socket
2009/07/15 06:51:56| fd_open FD 58 http.justiz.niedersachsen.de:443
2009/07/15 06:51:56| comm_add_close_handler: FD 58, handler=0x463e31, data=0x1808d378

> -----Ursprüngliche Nachricht-----
> Von: Jarosch, Ralph [mailto:Ralph.Jarosch_at_JUSTIZ.NIEDERSACHSEN.DE]
> Gesendet: Dienstag, 14. Juli 2009 11:40
> An: squid-users_at_squid-cache.org
> Betreff: AW: [squid-users] https from different Subnet not working
>
> > -----Ursprüngliche Nachricht-----
> > Von: adrian.chadd_at_gmail.com [mailto:adrian.chadd_at_gmail.com] Im
> Auftrag
> > von Adrian Chadd
> > Gesendet: Dienstag, 14. Juli 2009 11:16
> > An: Jarosch, Ralph
> > Cc: squid-users_at_squid-cache.org
> > Betreff: Re: [squid-users] https from different Subnet not working
> >
> > 2009/7/14 Jarosch, Ralph <Ralph.Jarosch_at_justiz.niedersachsen.de>:
> > > This is the latest support squid-2 version for RHEL5.3
> > >
> > > An I want to use the dnsserver
> >
> > Right. Well, besides the other posters' response about the cache peer
> > setup being a clue - you're choosing a peer based on source IP as far
> > as I can tell there - which leads me to think that perhaps that
> > particular cache has a problem. You didn't say which caches they were
> > in your config or error message so we can't check whether they're the
> > same or different.
> >
> Ok sorry.
> The current way for an website request is
>
> Client --> headproxy(10.37.132.2) --> my cache proxys
> (10.37.132.5/6/7/8) --> proxy off our isp --> internet
>
> The error message come from the isp proxy which tell when I request
> something like https://www.ebay.com
>
> The requested URL could not be retrieved
> ----------------------------------------------------------------------
> ---------- While trying to retrieve the URL: http.yyy.xxx:443 The
> yyy.xxx is our local domain
> following error was encountered:
> Unable to determine IP address from host name for The dnsserver
> returned:
> Name Error: The domain name does not exist.
> This means that:
> The cache was not able to resolve the hostname presented in the URL.
> Check if the address is correct.
> Your cache administrator is webmaster.
> ----------------------------------------------------------------------
> ---------- Generated Tue, 14 Jul 2009 08:10:39 GMT by xxxxxxx
> the answer come from the isp
> (squid/2.5.STABLE12)
>
> I´ve made an tcpdump between our headproxy and our cacheproxy´s an
> there I can see that the headproxy change the request from
> https//www.ebay.com to https.our.domain.com
>
>
>
> > But since yo'ure using a supported squid for RHEL5.3, why don't you
> > contact Redhat for support? That is why you're paying them for.
> >
> >
> > adrian
Received on Wed Jul 15 2009 - 05:44:31 MDT

This archive was generated by hypermail 2.2.0 : Wed Jul 15 2009 - 12:00:03 MDT