Re: [squid-users] Fwd: Re: HTTP 503 error in squid proxy server
On 8/11/2015 2:28 p.m., 聡司蛭田 wrote: > > communication flow is the following. > > Squid Proxy -> IGW ->IGW->ELB-> Server(EC2) > Ah. Okay then you can ignore my message about loops. I had misread your description as meaning the ELB sent to Squid, not in front of some other server. The thing to find out then is why the Squid machine cannot open direct TCP connections to port 443 on the ELB. Amos ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Fwd: Re: HTTP 503 error in squid proxy server
Dear Thanks for reply. 2015-11-07 20:53 GMT+09:00 Antony Stone : > On Saturday 07 November 2015 at 12:48:09, Antony Stone wrote: > > > This reply came to my private address. > > > > Forwarding to the list. > > > > -- Forwarded Message Starts -- > > > > Subject: Re: [squid-users] HTTP 503 error in squid proxy server > > Date: Saturday 07 November 2015 10:43:14 > > From: 聡司蛭田 > > To: Antony Stone > > > > > Dear > > > > Thank you for reply. > > > > Squid version is squid-3.1.16-22. > > > > > On Saturday 07 November 2015 at 09:30:04, 聡司蛭田 wrote: > > > > Dear > > > > > > > > I have question about HTTPS communication through Squid Proxy Server. > > > > > > > > HTTP 503 error frequency occurs. > > > > > > Does it also occur if you point your browser directly at the site, not > > > via Squid? > > > > No browser. client Java Application communicate other site by using HTTPS > > protcol through squid proxy server. > > Okay, let me re-phrase my question then: > > Do you get the same intermittent problems if you tell the client java > Application to connect to the site directly without using Squid? > no problem to connect the site directlt without using Squid. > > > > > 10.xx.xx.xx - - [01/Nov/2015:03:44:33 +0900] "CONNECT > > > ..xxx.io:443 > > > > HTTP/1.1" 503 0 "-" "Javaa/1.7.0_71" TCP_MISS:DIRECT > > > > ..xxx.io:443 is ELB (Internet-Facing Load Balancer) DNS > name. > > > > > > Do you have access to that machine, to see what its logs show about the > > > incoming requests, and the responses it generates? > > What is the answer to the above question? > > > > > Squid cache is disable. > > > > > > So, what are you using it for? > > ? > I use Squid Proxy for HTTP(HTTPS) replay and acess log logging. > > > > > My addition squid config is the following. > > > > > > > > visible_hostname unknown > > > > strip_query_terms off > > > > acl NOCACHE src all > > > > cache deny NOCACHE > > > > > > Please show all of your squid.conf, omitting comments and blank lines. > > > > My squid config file is attached. > > > > > > What could be considered the cause? > > > > > > Temporary failure on the content server? > > > > Yes. temporary failure. > > No, I meant that there could genuinely be a temporary failure on the > content > server, which results in the HTTP/503 error. Nothing Squid can do about > that > (especially since you're not using it in caching mode - what are you using > it > for?) > I use Squid Proxy for HTTP(HTTPS) replay and acess log logging. It seems packet has not reached until the ELB. communication flow is the following. Squid Proxy -> IGW ->IGW->ELB-> Server(EC2) > > > -- Forwarded Message Ends -- > > Please send all replies to the list. > > > Regards, > > > Antony. > > -- > Software development can be quick, high quality, or low cost. > > The customer gets to pick any two out of three. > >Please reply to the > list; > please *don't* CC > me. > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users > ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Fwd: Re: HTTP 503 error in squid proxy server
>>> On Saturday 07 November 2015 at 09:30:04, 聡司蛭田 wrote: Dear I have question about HTTPS communication through Squid Proxy Server. HTTP 503 error frequency occurs. 10.xx.xx.xx - - [01/Nov/2015:03:44:33 +0900] "CONNECT >>> ..xxx.io:443 HTTP/1.1" 503 0 "-" "Javaa/1.7.0_71" TCP_MISS:DIRECT ..xxx.io:443 is ELB (Internet-Facing Load Balancer) DNS name. >>> Hold up. Squid is being instructed to open a TCP connection from itself to ..xxx.io and deliver the contents that follow the CONNECT message there. If ..xxx.io is the ELB, what do you expect will happen when Squid obeys? The short answer is "Forwarding Loop", eventually the cycle of ELB->Squid->ELB->Squid ... ends up going through one of the Squid it has already passed through which kills the loop with a 503. Amos ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Fwd: Re: HTTP 503 error in squid proxy server
On Saturday 07 November 2015 at 12:48:09, Antony Stone wrote: > This reply came to my private address. > > Forwarding to the list. > > -- Forwarded Message Starts -- > > Subject: Re: [squid-users] HTTP 503 error in squid proxy server > Date: Saturday 07 November 2015 10:43:14 > From: 聡司蛭田 > To: Antony Stone > > > Dear > > Thank you for reply. > > Squid version is squid-3.1.16-22. > > > On Saturday 07 November 2015 at 09:30:04, 聡司蛭田 wrote: > > > Dear > > > > > > I have question about HTTPS communication through Squid Proxy Server. > > > > > > HTTP 503 error frequency occurs. > > > > Does it also occur if you point your browser directly at the site, not > > via Squid? > > No browser. client Java Application communicate other site by using HTTPS > protcol through squid proxy server. Okay, let me re-phrase my question then: Do you get the same intermittent problems if you tell the client java Application to connect to the site directly without using Squid? > > > 10.xx.xx.xx - - [01/Nov/2015:03:44:33 +0900] "CONNECT > > ..xxx.io:443 > > > HTTP/1.1" 503 0 "-" "Javaa/1.7.0_71" TCP_MISS:DIRECT > > > ..xxx.io:443 is ELB (Internet-Facing Load Balancer) DNS name. > > > > Do you have access to that machine, to see what its logs show about the > > incoming requests, and the responses it generates? What is the answer to the above question? > > > Squid cache is disable. > > > > So, what are you using it for? ? > > > My addition squid config is the following. > > > > > > visible_hostname unknown > > > strip_query_terms off > > > acl NOCACHE src all > > > cache deny NOCACHE > > > > Please show all of your squid.conf, omitting comments and blank lines. > > My squid config file is attached. > > > > What could be considered the cause? > > > > Temporary failure on the content server? > > Yes. temporary failure. No, I meant that there could genuinely be a temporary failure on the content server, which results in the HTTP/503 error. Nothing Squid can do about that (especially since you're not using it in caching mode - what are you using it for?) > -- Forwarded Message Ends -- Please send all replies to the list. Regards, Antony. -- Software development can be quick, high quality, or low cost. The customer gets to pick any two out of three. Please reply to the list; please *don't* CC me. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
[squid-users] Fwd: Re: HTTP 503 error in squid proxy server
This reply came to my private address. Forwarding to the list. -- Forwarded Message Starts -- Subject: Re: [squid-users] HTTP 503 error in squid proxy server Date: Saturday 07 November 2015 10:43:14 From: 聡司蛭田 To: Antony Stone > Dear Thank you for reply. Squid version is squid-3.1.16-22. > On Saturday 07 November 2015 at 09:30:04, 聡司蛭田 wrote: > > > Dear > > > > I have question about HTTPS communication through Squid Proxy Server. > > > > HTTP 503 error frequency occurs. > > Does it also occur if you point your browser directly at the site, not via > Squid? No browser. client Java Application communicate other site by using HTTPS protcol through squid proxy server. > > 10.xx.xx.xx - - [01/Nov/2015:03:44:33 +0900] "CONNECT > ..xxx.io:443 > > HTTP/1.1" 503 0 "-" "Javaa/1.7.0_71" TCP_MISS:DIRECT > > > > ..xxx.io:443 is ELB (Internet-Facing Load Balancer) DNS name. > > Do you have access to that machine, to see what its logs show about the > incoming requests, and the responses it generates? > > > Squid cache is disable. > > So, what are you using it for? > > > My addition squid config is the following. > > > > visible_hostname unknown > > strip_query_terms off > > acl NOCACHE src all > > cache deny NOCACHE > > Please show all of your squid.conf, omitting comments and blank lines. My squid config file is attached. > > What could be considered the cause? > > Temporary failure on the content server? Yes. temporary failure. -- Forwarded Message Ends -- squid.conf Description: Binary data ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users