Re: [squid-users] Download Issues

From: Eliezer Croitoru <eliezer_at_ngtech.co.il>
Date: Tue, 22 Oct 2013 03:18:01 +0300

Hey,

The problems you have mentioned are possible because of a couple of reasons
and there is a need to fully debug it.

On 10/21/2013 10:17 PM, Matthew Ceroni wrote:
> When downloading files from certain websites, my end users experience
> intermittent issues.
OK happens, and not all traffic should be intercepted.

> On one site, WebEx, where you can download recordings, transmission
> speeds start off high and then gradually go to zero and the
> transmission dies. Researching this issue came across the TCP Window
> Scale option. I verified that my firewall (Cisco ASA running latest
> ASA software) is set to allow window scaling (it doesn't zero out the
> options). The thing with this issue is I don't see anything logged to
> the access log. No start of transmission or end of transmission.
What I would have done is route the client using a dedicated router
machine and verify what are the issues and if these are issues that can
be of a blame towards the protocol the client uses or any other source of
the problem which can be from other sources and issues rather than squid.
You can also try to let the client surf using a regular forward proxy to
make sure what happens then, not interception etc.

> Another user reported that they were receiving HTTP 500 errors when
> trying to download artifacts for Artifactory (build server). When
> looking at the access.log I see TCP_MISS/500 errors. Now usually HTTP
> 500 errors are server side errors. So I indicated this to my user
> saying the server they are downloading from is returning the 500
> error. They didn't agree and as a temporary work around I allowed
> direct access for that server out to the internet. They now say the
> issue is resolved (don't really agree with them at this point).
It's not a matter of a temporary solution but rather what is the problem
and its source.

> What is the best route to go in debugging download issues?
Isolate the client and tell him that you want to debug it and find out
what the root source of the problem is.
What version of squid are you using?
TCP_MISS/500 can be because squid is just there but not configured to
work with this service.
Is it a transparent proxy? tproxy? DNAT?
If you can route the client or intercept the client traffic using a
bridge or a router you can isolate the issues from application level to
network\routing.
When you see that bypassing squid works it can be either a network or
application level and then try to use debug_options with http headers.
You can then verify what are the headers that the client sends and then
what the server sends.
There might be a clue about it in the headers.
I would try to remove any "forwards-for" or any related headers
such as Via and to see what happens.
There are a couple of systems\sites out there that are based on a couple of headers
and when some proxy in the way from the client adds such headers it
makes them respond in a way nobody likes.

Hope it helps.
Eliezer
Received on Tue Oct 22 2013 - 00:18:19 MDT
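
For the TCP_MISS/500 question in this thread, an added example (not part of the original message and not Squid's own code): a short Python pass over access.log that separates 5xx entries where Squid forwarded the request to a server from entries it answered without contacting one. The log lines are constructed, the host names and addresses are placeholders, and Squid's default native log format is assumed.

```python
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample lines in Squid's default native access.log format:
# time elapsed client result/status bytes method URL user hierarchy/peer type
SAMPLE_LOG = """\
1382400001.120    412 10.0.0.21 TCP_MISS/500 1843 GET http://artifactory.example.test/repo/a.jar - HIER_DIRECT/203.0.113.10 text/html
1382400002.300    398 10.0.0.21 TCP_MISS/500 1843 GET http://artifactory.example.test/repo/b.jar - HIER_DIRECT/203.0.113.10 text/html
1382400003.010      2 10.0.0.22 TCP_MISS/503 3920 GET http://down.example.test/x - HIER_NONE/- text/html
1382400004.550    120 10.0.0.23 TCP_MISS/200 51234 GET http://ok.example.test/file.zip - HIER_DIRECT/198.51.100.7 application/zip
1382400005.000     90 10.0.0.21 TCP_MISS/502 1500 GET http://old.example.test/y - DIRECT/192.0.2.5 text/html
"""


def classify_5xx(log_text):
    """Count 5xx entries by (host, status, 'forwarded' | 'local')."""
    counts = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 10:
            continue  # not a complete native-format entry
        status = fields[3].partition("/")[2]
        if not (status.isdigit() and 500 <= int(status) <= 599):
            continue
        method, url = fields[5], fields[6]
        # CONNECT entries log "host:port" instead of a full URL
        if method == "CONNECT":
            host = url.rsplit(":", 1)[0]
        else:
            host = urlsplit(url).hostname or url
        # Squid 3.2+ prefixes hierarchy codes with HIER_; older releases do not
        hier, _, peer = fields[8].partition("/")
        if hier.startswith("HIER_"):
            hier = hier[len("HIER_"):]
        # "forwarded": a server was contacted, so the status may be its own reply.
        # "local": no server was contacted; Squid produced the response itself.
        origin = "local" if hier == "NONE" or peer == "-" else "forwarded"
        counts[(host, int(status), origin)] += 1
    return counts


if __name__ == "__main__":
    for (host, status, origin), n in sorted(classify_5xx(SAMPLE_LOG).items()):
        print(f"{n:3d}  {status}  {origin:9s}  {host}")
```

A "forwarded" 5xx can still be an error Squid raised after a failed upstream attempt, so the request and reply headers from debug_options remain the next thing to check.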