Re: [squid-users] Re: squid3 block all 443 ports request

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 18 Feb 2014 15:31:48 +1300

On 17/02/2014 8:55 p.m., khadmin wrote:
> Hi Amos,
>
> Thank you for the response, actually I am working with IPv4 on my network
> architecture.

While Squid appears to be trying to use the half-working IPv6 network
you have available.

Note that your Squid is apparently *successfully* performing the TCP
SYN/SYN-ACK exchange to set up the remote server connections over IPv6.
*Then* failing on the data packets.

As a friend of mine is becoming famous for saying:
 "Welcome to your IPv6 transit network, whether you know it or not".

> All the clients are connected to a DC Windows 2012 server that manages
> DNS, DHCP and AD.
> The proxy server is not under the domain controller and has a static IP
> address.
> Anyway I will try to run MTU Path and I will give you feedback.
> Otherwise, would you advise me to install another version of Squid proxy?

I advise looking into fixing the IPv6 on your network.

Since Squid is getting as far as it does you can be sure there is other
software on your network doing the same, or possibly even getting working
connections.

Start with the firewall rules on your routers ASAP so that when you get
around to fixing packet transit your normal security policies do not
suddenly gain lots of holes.

Amos
Received on Tue Feb 18 2014 - 02:31:57 MST
