TCP window scaling was the issue. I believe the real issue is caused
by the company that hosts the site I'm trying to access and I
performed a workaround. I'd like to let them know what was causing the
issue.
Started working immediately after:
echo 0 > /proc/sys/net/ipv4/tcp_window_scaling
Documentation:
http://wiki.squid-cache.org/KnowledgeBase/BrokenWindowSize
http://dunedin.lug.net.nz/forums/archive/index.php/t-82653.html
On Mar 3, 2008, at 5:23 PM, Adrian Chadd wrote:
> Hm, try disabling pmtu, timestampsand window scaling on your squid
> server?
>
>
>
> Adrian
>
>
> On Mon, Mar 03, 2008, Cody Jarrett wrote:
>> I'm having an issue with a new squid install. Squid has always worked
>> fine, but I moved squid to a new server and am having issues. My
>> squid
>> config allows access to 1 website for ordering purposes. Since moving
>> to the new server, when accessing the website, a certain page load
>> takes anywhere from 5 minutes to 10 minutes. Basically, the border of
>> the page loads, but the center of the page is some sort of ajax and a
>> scriplet form and that hangs. When it eventually starts to load the
>> form, it loads about 1 line per second and about 50 lines. When I
>> don't use the proxy and browse to the site, the page and form loads
>> in
>> about 3 seconds. The whole time when it is trying to load, I get the
>> following when running tethereal on the server over and over until it
>> finally loads:
>>
>> 1204576907.204371 192.168.1.100 -> 10.20.30.40 TCP 59770 > squid
>> [ACK]
>> Seq=10215 Ack=26389 Win=524176 Len=0 TSV=740957497 TSER=260637360
>> 1204576907.240115 192.168.1.100 -> 10.20.30.40 TCP 59770 > squid
>> [ACK]
>> Seq=10215 Ack=27837 Win=524176 Len=0 TSV=740957497 TSER=260637398
>> 1204576908.448434 10.20.30.40 -> 192.168.1.100 TCP [TCP segment of a
>> reassembled PDU]
>> 1204576908.481293 10.20.30.40 -> 192.168.1.100 TCP [TCP segment of a
>> reassembled PDU]
>> 1204576908.501902 192.168.1.100 -> 10.20.30.40 TCP 59770 > squid
>> [ACK]
>> Seq=10215 Ack=29285 Win=524176 Len=0 TSV=740957510 TSER=260638651
>> 1204576908.525971 192.168.1.100 -> 10.20.30.40 TCP 59770 > squid
>> [ACK]
>> Seq=10215 Ack=30733 Win=524176 Len=0 TSV=740957510 TSER=260638684
>> 1204576909.736172 10.20.30.40 -> 192.168.1.100 TCP [TCP segment of a
>> reassembled PDU]
>> 1204576909.769486 10.20.30.40 -> 192.168.1.100 TCP [TCP segment of a
>> reassembled PDU]
>>
>> On the previous server, I didn't have any problems, and I copied the
>> squid.conf over to the new server, editing the IP address and server
>> name in the conf file. The new server has a cable internet connection
>> several mbit's in speed. I even tried the exact same version of squid
>> on the previous version, but upgraded to squid-2.6.STABLE6-5.el5_1.2
>> without any difference. It's a pretty basic config, and the only
>> thing
>> that has really changed is the centos 5 server that is now acting as
>> the proxy server and the internet connection is now cable. It almost
>> looked like some sort of MTU issue, but I've tried browsing the site
>> from a computer using the proxy that is on the LAN behind this
>> server,
>> ( this server acts as the gateway for this LAN).
>>
>> Any insight would be greatly appreciated. Thanks.
>>
>> Here is my configuration file:
>>
>> http_port 1.2.3.4:3128
>> http_port 127.0.0.1:3128
>> visible_hostname proxy.blah.com
>> cache_dir null /dev/null
>> auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
>> acl all src 0/0
>> acl MyAllowedSites dstdomain .site.com
>> acl MyAcct proxy_auth | "/etc/squid/acl_groups/MyGroups"
>> http_access allow MyAcct MyAllowedSites
>> http_access deny all
>> acl all src 0.0.0.0/0.0.0.0
>> acl CONNECT method CONNECT
>> acl authenticated proxy_auth REQUIRED
>> http_access allow authenticated
>> http_access deny all
>> http_reply_access allow all
>> icp_access allow all
>> tcp_recv_bufsize 100000 bytes
>> coredump_dir /var/spool/squid
>>
>>
>>
>>
>>
>
> --
> - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial
> Squid Support -
> - $25/pm entry-level VPSes w/ capped bandwidth charges available in
> WA -
Received on Tue Mar 04 2008 - 12:12:03 MST
This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:04 MDT