El 16/09/13 18:35, John McGowan escribió:
> Hi,
>
> First, a brief background: I'm using squid as a non caching proxy
> server within Amazon AWS to serve as a common place for my web
> applications to make API requests to third parties. This is because
> many of the 3rd parties I connect to have private API servers that use
> a firewall to lock down where requests can be made from. The requests
> are typically coming from PHP/curl, and I've simply added proxy
> configuration to the curl options and everything works as it should.
> Most of the time.
>
> I probably wouldn't have noticed this problem under normal usage. The
> other day I needed to make a script that tested connectivity to 100+
> of these 3rd party (private) api servers to make sure that they all
> have their firewalls configured properly. I noticed during these
> tests that a few of them randomly fail when I run the test. This was
> when I was running the test from the app servers behind the proxy, so
> to narrow things down I decided to run the same PHP testing script
> from the actual proxy server using localhost:3128 as the proxy
> address. With that setup I get the same result. *Some* of the
> servers I'm testing a connection to fail *some* of the time. This
> type of failure seems to happen after about 3 seconds, regardless of
> what I set the curl timeouts to.
>
> To try to narrow things down even further I decided to modify the
> script running on the proxy server to not use the proxy server at all.
> When I do that, everything passes 100% of the time.
>
> So, I know that there is some sort of problem when I get squid
> involved, and I'm suspecting that the problem is more than likely due
> to something on the other end not playing nice with a proxy server
> (occasionally).
>
> However, I know that it's going to be next to impossible to get the
> people that control these various API servers to track down some issue
> that doesn't play nice with my proxy server, especially when I know it
> works without the proxy involved.
>
> Note, we're always using https to make these connections.
>
> Can anybody with more squid experience think of a configuration
> problem on my end of things that might be causing my proxy to be less
> tolerant of a quirky server at the other end, or possibly with
> something between my proxy and the server?
>
> I'm happy to provide my simple configuration for squid if that helps.
>
squid defaults connect_retries to 0
try setting it to something and see if the 503 errors frequency are
lower with this.
Received on Wed Sep 18 2013 - 12:41:40 MDT
This archive was generated by hypermail 2.2.0 : Wed Sep 18 2013 - 12:00:05 MDT