Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 24 Jan 2013 10:06:06 -0600
From:      dweimer <dweimer@dweimer.net>
To:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Squid 3.2 Reverse Proxy Problems on FreeBSD
Message-ID:  <81f88b6ec81cc621e0e54318fd80e567@dweimer.net>
next in thread | raw e-mail | index | archive | help 
Is anyone running else running the Squid 3.2 branch on FreeBSD as a 
reverse proxy?  Specifically using HTTPS and uploading data?

The reason I ask, I have a server Running FreeBSD 9.0-p4 and Squid 
3.1.21, all works I tried upgrading to a new server running FreeBSD 9.1 
with Squid 3.2.6, thought everything was working, then we started 
getting complaints on to of the back end applications.

Tracked the issue down to any submit forms on HTTPS, if somewhere 
between 2.2k and 3k it breaks, if the post is under that very small size 
instant success, if over that size the browser churns for a few minutes 
then returns a "Bad Request Your browser sent a request that this server 
could not understand."  On the Squid side there is a TCP_MISS_ABORTED 
log entry that gets logged.  The problem doesn't show up on HTTP, I can 
upload large files, tested up to 50M.

I just wanted to see if any one else is successfully doing this, maybe 
something specific to my server build and I just need to start over.

Both servers have been built from source, both using clang, including 
ports, except on gcc, open-vm-tools, and squid.  They are both running 
on the same cluster of ESX 4.1 servers.  Other than the FreeBSD version 
and Squid version the other difference is ZFS used on the file system 
for the FreeBSD 9.1 and UFS used for the FreeBSD 9.0-p4.

I have already started a thread on the Squid mailing list on the issue 
as well, but haven't gotten any help yet.  But now that I have the 
production setup going through the old server again, I can do some more 
testing and enable debugging and possibly get some useful information as 
to whats happening.

-- 
Thanks,
    Dean E. Weimer
    http://www.dweimer.net/

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?81f88b6ec81cc621e0e54318fd80e567>