Re: [squid-users] Squid intermittently fails with 503 after connect

From: Eliezer Croitoru <eliezer_at_ngtech.co.il>
Date: Tue, 17 Sep 2013 02:22:40 +0300

Hey John,

almost by order:
what did you do to make the proxy non caching proxy?
I do not know your squid setup and load but it can be also caused by a
network issue.
to track this down there is a need to see the access logs first.
Then to see the cache logs in a debug mode of ALL,2 (if you need some
more in depth instructions let me know).

I am running a proxy and from time to time I have seen a 503 errors.
The connect tunnel is suppose to be as is... and there for a 503 is kind
of weird and since the proxy is not mangling the ssl it should be fine
unless there is a problem in the upstream streams..

try to run another script but without ssl just to make sure that other
applications in the world just works..
let say http://www.yahoo.com/ should provide you with more information
on that the world applications still works fine..
Also try to GET http://www.wikipedia.org/%e2%80%8f
All the above are working applications that can be tested by others just
by surfing the proxy..

I have my repos if you want to test the script and I can guarantee that
my services are not 100% up time but they do serve enough to make sure
that your service(squid) works fine or it's an upstream problem.

IF you need more help we can try to help you.

Eliezer

On 09/17/2013 12:35 AM, John McGowan wrote:
> Hi,
>
> First, a brief background: I'm using squid as a non caching proxy
> server within Amazon AWS to serve as a common place for my web
> applications to make API requests to third parties. This is because
> many of the 3rd parties I connect to have private API servers that use
> a firewall to lock down where requests can be made from. The requests
> are typically coming from PHP/curl, and I've simply added proxy
> configuration to the curl options and everything works as it should.
> Most of the time.
>
> I probably wouldn't have noticed this problem under normal usage. The
> other day I needed to make a script that tested connectivity to 100+
> of these 3rd party (private) api servers to make sure that they all
> have their firewalls configured properly. I noticed during these
> tests that a few of them randomly fail when I run the test. This was
> when I was running the test from the app servers behind the proxy, so
> to narrow things down I decided to run the same PHP testing script
> from the actual proxy server using localhost:3128 as the proxy
> address. With that setup I get the same result. *Some* of the
> servers I'm testing a connection to fail *some* of the time. This
> type of failure seems to happen after about 3 seconds, regardless of
> what I set the curl timeouts to.
>
> To try to narrow things down even further I decided to modify the
> script running on the proxy server to not use the proxy server at all.
> When I do that, everything passes 100% of the time.
>
> So, I know that there is some sort of problem when I get squid
> involved, and I'm suspecting that the problem is more than likely due
> to something on the other end not playing nice with a proxy server
> (occasionally).
>
> However, I know that it's going to be next to impossible to get the
> people that control these various API servers to track down some issue
> that doesn't play nice with my proxy server, especially when I know it
> works without the proxy involved.
>
> Note, we're always using https to make these connections.
>
> Can anybody with more squid experience think of a configuration
> problem on my end of things that might be causing my proxy to be less
> tolerant of a quirky server at the other end, or possibly with
> something between my proxy and the server?
>
> I'm happy to provide my simple configuration for squid if that helps.
>
>
Received on Mon Sep 16 2013 - 23:22:53 MDT

This archive was generated by hypermail 2.2.0 : Tue Sep 17 2013 - 12:00:04 MDT