[squid-users] Connection reset by peer from John Kenyon on 2013-10-08 (squid-users)

From: John Kenyon <JKenyon_at_bgwgroup.com.au>
Date: Wed, 9 Oct 2013 08:41:55 +1000

Hi All,

Hope someone can shed some light on a problem I am experiencing... I can reproduce a "(104) Connection reset by peer" error consistently on a certain website when trying to login.

When the 502 bad gateway issue appears it looks like there is a missing FIN packet.

I can access this site fine behind our company firewall, just have a problem when using squid proxy... here is a bit more info:

Relevant lines in Squid access.log

1381271050.480 424 192.168.0.25 TCP_MISS/200 414 POST http://www.cmmsau.com/scripts/mms.dll/JAWS/MMS/acs/f_login - HIER_DIRECT/66.151.79.155 text/html
1381271050.838 297 192.168.0.25 TCP_MISS/502 3710 GET http://www.cmmsau.com/scripts/mms.dll/JAWS/MMS/acs/f_redirect? - HIER_DIRECT/66.151.79.155 text/html

Here is a tcpdump:

# tcpdump -i eth0 dst 66.151.79.155
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
16:53:53.462042 IP proxyserver.33784 > 66.151.79.155.http: S 264441315:264441315(0) win 5840 <mss 1460,sackOK,timestamp 447447258 0,nop,wscale 8>
16:53:53.665606 IP proxyserver.33784 > 66.151.79.155.http: . ack 258927824 win 23 <nop,nop,timestamp 447447462 0>
16:53:53.666037 IP proxyserver.33784 > 66.151.79.155.http: P 0:636(636) ack 1 win 23 <nop,nop,timestamp 447447462 0>
16:53:53.666217 IP proxyserver.33784 > 66.151.79.155.http: P 636:711(75) ack 1 win 23 <nop,nop,timestamp 447447462 0>
16:53:53.903639 IP proxyserver.33784 > 66.151.79.155.http: . ack 327 win 27 <nop,nop,timestamp 447447700 4801001>
16:53:54.028623 IP proxyserver.33784 > 66.151.79.155.http: P 711:1363(652) ack 327 win 27 <nop,nop,timestamp 447447825 4801001>

# tcpdump -i eth0 src 66.151.79.155
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
16:55:17.007426 IP 66.151.79.155.http > proxyserver.34334: S 2581779361:2581779361(0) ack 350474126 win 16384 <mss 1380,nop,wscale 0,nop,nop,timestamp 0 0,nop,nop,sackOK>
16:55:17.225169 IP 66.151.79.155.http > proxyserver.34334: . ack 714 win 64822 <nop,nop,timestamp 4801834 447530601>
16:55:26.115901 IP 66.151.79.155.http > proxyserver.34334: P 1:327(326) ack 714 win 64822 <nop,nop,timestamp 4801924 447530601>
16:55:26.552923 IP 66.151.79.155.http > proxyserver.34334: . ack 1366 win 64170 <nop,nop,timestamp 4801928 447540018>
16:55:26.943813 IP 66.151.79.155.http > proxyserver.34334: R 327:327(0) ack 1366 win 0

Squid Cache: Version 3.3.9
configure options: '--prefix=/usr' '--includedir=/usr/include' '--datadir=/usr/share' '--bindir=/usr/sbin' '--libexecdir=/usr/lib/squid' '--localstatedir=/var' '--sysconfdir=/etc/squid' '--enable-auth' '--enable-auth-basic=ldap,getpwnam' '--enable-auth-ntlm=smb_lm' '--enable-external-acl-helpers=wbinfo_group,session' '--enable-removal-policies=heap,lru' '--enable-async-io' '--enable-storeio=aufs,ufs' '--enable-poll' '--enable-ntlm-fail-open' '--disable-ident-lookups' '--enable-delay-pools' '--disable-ipv6' --enable-ltdl-convenience

I have played around with settings for ECN and Window Scaling but no luck... Any ideas guys?

Cheers, John
Received on Tue Oct 08 2013 - 22:42:15 MDT

This archive was generated by hypermail 2.2.0 : Thu Oct 10 2013 - 12:00:05 MDT