On 17/12/10 08:45, Ming Fu wrote:
> Hi,
>
> When using squid 3.1.9 and ssl-bump, access to
> https://www.e-secure-it.com/info.html will cause squid RESPMOD to
> pause for about 2 minutes when sending the body playload to the ICAP
> server. The payload will eventually arrive. Just can't explain what
> happens during the 2 minute.
>
> Tcpdump on port 443 show that there is a pause during the end of SSL
> transaction with the e-secure. The time of the port 443 pause
> correlates to the pause of ICAP body upload. But there is no such
> pause when browser is direct connected to the e-secure site without
> squid in the middle.
>
You seem to have answered your own question. Sending stuff to that ICAP
server is very slow.
Other things to consder:
* Did the packets actually stop completely at that point? or did
something else happen?
* look at DNS etc as well. Squid may be waiting on the ICAP server
name to resolve.
* take a full packet traces (tcpdump -s 0 ...) and see what is
actually being transfered to/from ICAP. It could be non-HTTP, broken
syntax, or any kind of secondary encoding inside a HTTPS security channel.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.9 Beta testers wanted for 3.2.0.3Received on Fri Dec 17 2010 - 01:48:38 MST
This archive was generated by hypermail 2.2.0 : Fri Dec 17 2010 - 12:00:02 MST