Re: [squid-users] Squid 3.3 Reverse Proxy Mode - 502 Errors when uploading files larger than 6MB from Madhav V Diwan on 2013-11-27 (squid-users)

From: Madhav V Diwan <mdiwan_at_diwanconsulting.com>
Date: Wed, 27 Nov 2013 11:56:47 -0500

Hi Eliezer

So i did some additional testing ,
i tried with no ssl plain http , but the backend weeb server keeps
redirecting to ssl and i could not get around that without breaking the
app.

so i tried just a plain old standard normal squid proxy , listening
on 3128 and facing inwards to the webserver .. In this configuration
large file uploads work fine on version 3.3.9

< in short when the proxy is not in reverse proxy mode , it can handle
the large file uploads, in reverse accel mode it errors on the upload
unless the file is tiny >

.. i noticed it was using direct connect for the ssl webserver when
using it as a standard proxy..
i wonder if the always_direct or never_direct settings will help in
reverse proxy mode-- doubtful-- but will test later

I will create the bug report soon

-----Original Message-----
To: squid-users_at_squid-cache.org

Date: Tue, 26 Nov 2013 05:31:16 +0200

Hey Madhav,

I will try to test it later with 3.3.10 to make sure I get the same
issue in a reverse proxy with a http cache_peer.
To test a SSL cache_peer for me it will take a bit longer.
If you can file a bug at the project Bugzilla it would help to keep
track about this issue at:
http://bugs.squid-cache.org/

Since we have two different "cases" in hand which is "reverse vs
forward" and "http vs https" I will later-on add a list of tests to the
Bugzilla to minimize the issue into a very specific case which then can
be analyzed and solved.

The subject of the bug can be "https big POST request failing in the
middle" or any similar one.

If you can add also to the frontend a http port just to check if in a
case of http frontend and http backhand is similar it will might help more.
You can use it on port 10800 if you want since squid doesn't care about
the port in this specific case.

Regards,
Eliezer

On 23/11/13 06:36, Madhav V Diwan wrote:
> Eliezer
>
> I just now tried a connection with the cache_peer set to port 80
> without SSL , i left the frontend ssl
>
> same result.. tiny file makes it through , larger files do not.
>
> Madhav
Received on Wed Nov 27 2013 - 16:56:58 MST

This archive was generated by hypermail 2.2.0 : Wed Nov 27 2013 - 12:00:08 MST