Re: [squid-users] Time-based oddity that I can't quite nail down...

From: Henrik Nordstrom <henrik_at_henriknordstrom.net>
Date: Tue, 10 Nov 2009 23:23:41 +0100

tis 2009-11-10 klockan 14:01 -0800 skrev Kurt Buff:

> > Browsing on the proxy without using the proxy is the same as going via
> > the proxy in terms of networking..

> Yes.
>
> But currently all users on the network are forced through squid to
> browse the web.

Which is relevant to the case of browsing directly from the proxy server
host how?

> I'm opening an exception in the firewall this evening so that I can
> turn off the proxy settings on my workstation and go to the firewall
> directly. I'll turn off the proxy settings for FireFox so that I can
> compare performance against IE, which will be using squid.

Testing from another host than the proxy itself is interesting, but not
conclusive regarding if the problem is Squid or something else..

> If I get anything like normal response times FF, but not in IE, I'll
> have evidence that it's squid. If they both have really crappy times
> loading, then it's something else, and I'll be that much further ahead
> in troubleshooting.

The first is not a valid conclusion due to the large differences
networking wise how the requests is sent. There is just too many other
things that can go wrong, and very often is.

Testing on a workstation not using the proxy compared to a workstation
using the proxy will honestly not tell you anything, except if that also
fails then you know you can completely rule out it's anything related to
the proxy.

If the workstation going direct works fine then you are pretty much
still at the same square in terms of testing, still not knowing if it's
Squid, the server Squid runs on, the tested web site, firewalls going
bad, broken routers (currently having a fight with a such case where a
router randomly messes with TCP traffic in certain flows but icmp
works).

By testing by running a browser on the proxy server itself you can
identify if the problem is Squid or something outside Squid.

If the test where you run a browser directly on the Squid server host
works fine when going direct but fails when going via Squid on the same
host then you know it's most likely a Squid issue and you should file a
Squid bug report.

If the test where you run a browser directly on the Squid server host
shows the same problems when not using the proxy then you know it's
something outside Squid, and you need to continue searching a bit to
find the culpit, which could be any of

  - Problem with the Squid server host (bad cables, bad drivers, problem
in duplex negotiation, bad operating system, etc..)

  - Problem triggered by differences in the TCP/IP capabilities of the
Squid server host. This is for example a very common problem when Squid
is running on Linux hosts as the linux TCP/IP stack is far more evolved
than Windows and often triggers problems in other equipment such as
firewalls, routers etc causing very bad response times, partially loaded
pages etc.

Regards
Henrik
Received on Tue Nov 10 2009 - 22:23:46 MST

This archive was generated by hypermail 2.2.0 : Fri Nov 13 2009 - 12:00:04 MST