From owner-freebsd-current@FreeBSD.ORG  Wed Dec 27 23:35:31 2006
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
X-Original-To: freebsd-current@freebsd.org
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id DFC5116A403
	for <freebsd-current@freebsd.org>; Wed, 27 Dec 2006 23:35:30 +0000 (UTC)
	(envelope-from cswiger@mac.com)
Received: from pi.codefab.com (pi.codefab.com [199.103.21.227])
	by mx1.freebsd.org (Postfix) with ESMTP id 98D4513C478
	for <freebsd-current@freebsd.org>; Wed, 27 Dec 2006 23:35:30 +0000 (UTC)
	(envelope-from cswiger@mac.com)
Received: from localhost (localhost [127.0.0.1])
	by pi.codefab.com (Postfix) with ESMTP id EFD2A5D9B;
	Wed, 27 Dec 2006 18:17:38 -0500 (EST)
X-Virus-Scanned: amavisd-new at codefab.com
Received: from pi.codefab.com ([127.0.0.1])
	by localhost (pi.codefab.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id K0FzxTNhz3Hp; Wed, 27 Dec 2006 18:17:35 -0500 (EST)
Received: from [192.168.1.251] (pool-68-161-114-230.ny325.east.verizon.net
	[68.161.114.230])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pi.codefab.com (Postfix) with ESMTP id 254505C31;
	Wed, 27 Dec 2006 18:17:35 -0500 (EST)
Message-ID: <4592FF0A.1080400@mac.com>
Date: Wed, 27 Dec 2006 18:17:30 -0500
From: Chuck Swiger <cswiger@mac.com>
User-Agent: Thunderbird 1.5.0.9 (Windows/20061207)
MIME-Version: 1.0
To: Colin Percival <cperciva@freebsd.org>
References: <20061210010823.GS81923@egr.msu.edu>
	<20061214172323.GP1011@egr.msu.edu> <45908ED3.4040503@freebsd.org>
	<200612261129.48173.max@love2party.net>
	<459192A9.2050808@freebsd.org>
In-Reply-To: <459192A9.2050808@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Max Laier <max@love2party.net>, Adam McDougall <mcdouga9@egr.msu.edu>,
	freebsd-current@freebsd.org, Mike Silbersack <silby@silby.com>
Subject: Re: Fwd: Re: pf: BAD state happens often with portsnap fetch update
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Dec 2006 23:35:31 -0000

Colin Percival wrote:
> Max Laier wrote:
>> Another sollution, of course, would be to: Don't do that then.  It really 
>> seems wrong for a program to exhaust the outgoing port pool.
> 
> Portsnap tries to use a single HTTP/TCP connection for downloading large
> numbers of patches; the problem is being triggered by squid closing the
> HTTP connection after each file.

FYI, if you pass a:

   Connection: keep-alive

...header in the request, Squid will not close the client->proxy connection 
and you ought to be able to re-use it to make additional requests.

-- 
-Chuck

PS: Squid "supports HTTP/1.0 persistent connections", from which the HTTP/1.1 
style keepalives derive-- and quick testing suggests these persistent 
connections work with either HTTP/1.0 or 1.1 specified in the request.

However, please note that Squid apparently wants the original server to 
respond with a Content-length header, especially if the content is big enough 
to not be cached:

1-sec% telnet proxy 3128
Trying 192.168.1.2...
Connected to proxy.pkix.net.
Escape character is '^]'.
GET http://www.news.com HTTP/1.0
Connection: keep-alive

HTTP/1.0 302 Moved Temporarily
Date: Wed, 27 Dec 2006 23:08:53 GMT
Server: Apache/2
Location: http://news.com.com/
Content-Length: 204
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from sec.pkix.net
X-Cache-Lookup: MISS from sec.pkix.net:3128
Proxy-Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://news.com.com/">here</a>.</p>
GET http://www.news.com HTTP/1.1
Host: www.news.com
Connection: keep-alive

HTTP/1.0 302 Moved Temporarily
Date: Wed, 27 Dec 2006 23:09:19 GMT
Server: Apache/2
Location: http://news.com.com/
Content-Length: 204
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from sec.pkix.net
X-Cache-Lookup: MISS from sec.pkix.net:3128
Proxy-Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://news.com.com/">here</a>.</p>
</body></html>
GET http://news.com.com HTTP/1.1
Host: news.com.com
Connection: keep-alive

HTTP/1.0 200 OK
Date: Wed, 27 Dec 2006 23:00:14 GMT
Server: Apache/2.0
Accept-Ranges: bytes
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY 
ONL UNI FIN COM NAV INT DEM STA"
Content-Type: text/html
Expires: Wed, 27 Dec 2006 23:00:14 GMT
X-Cache: MISS from sec.pkix.net
X-Cache-Lookup: MISS from sec.pkix.net:3128
Proxy-Connection: close
[ ...HTML content snipped... ]
Connection closed.