Hello everybody.
This is my first post to this list, but today I really need help...
We have a really old server with Debian 3.1 and squid 2.5.
All is working well.
But, yes, time to upgrade :) We want to switch for a new
hardware, running centos 6.3 and squid 3.4.2
To switch servers, we just shutdown the old one,
(after taking the configuration file) and use his IPs on the new one.
For most of our customers, it worked. But for some of them, It didn't.
We found that when we try to send a file using a "put" inside an SSL tunnel,
something goes wrong.
Client IP : 172.23.122.81
He need to connect (https) and send files to 10.118.123.155 and 10.118.123.156.
We took the squid log file (cache.log) in debug mode. But it's really hard
for me to read something useful inside. The access log don't show anything special :
13/Feb/2014:17:38:01 - S=172.23.122.81 D=frhtinet02 - TCP_MISS/200 CONNECT frhtinet02:443 - - 1589 131364
13/Feb/2014:17:40:21 - S=172.23.122.81 D=frhtinet01 - TCP_MISS/200 CONNECT frhtinet01:443 - - 1582 200513
13/Feb/2014:17:40:51 - S=172.23.122.81 D=frhtinet02 - TCP_MISS/200 CONNECT frhtinet02:443 - - 1589 129490
13/Feb/2014:17:42:04 - S=172.23.122.81 D=frhtinet01 - TCP_MISS/200 CONNECT frhtinet01:443 - - 1582 132196
(note that frhtinet01 is 10.118.123.155 and frhtinet02 is 10.118.123.156).
The cache.log file between 2014/02/13 17:40:00 and 2014/02/13 17:42:59.490 is
available here :
https://ftpext.bouyguestelecom.fr/cache.log?local_ident=6125350&u=6xsQ3VN2LNyWTJN2hc3UeVeoR6Fiseo
(this file will only stay online for 7 days)
Warning, there are other transfers occurring at that time, that the one we're talking about.
For example all url with "ptlfrtsoap" in them are irrelevant.
The only error I found inside this log, that could be link to our case is :
tunnel.cc(428) error: local=172.31.77.52:49509 remote=10.118.123.155:443 FD 21 flags=1: read/write failure: (104) Connection reset by peer
But the server we are trying to connect to for sending files don't seems to have any problems.
If we go back with the old box (debian 3.1/squid 2.5) all is working well.
Any idea are welcome, and thanks for taking time to read me.
________________________________
L'intégrité de ce message n'étant pas assurée sur internet, la société expéditrice ne peut être tenue responsable de son contenu ni de ses pièces jointes. Toute utilisation ou diffusion non autorisée est interdite. Si vous n'êtes pas destinataire de ce message, merci de le détruire et d'avertir l'expéditeur.
The integrity of this message cannot be guaranteed on the Internet. The company that sent this message cannot therefore be held liable for its content nor attachments. Any unauthorized use or dissemination is prohibited. If you are not the intended recipient of this message, then please delete it and notify the sender.
Received on Fri Feb 14 2014 - 16:23:49 MST
This archive was generated by hypermail 2.2.0 : Fri Feb 14 2014 - 12:00:04 MST