From owner-freebsd-questions@FreeBSD.ORG Thu Jan 24 16:06:14 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 503EDA56 for ; Thu, 24 Jan 2013 16:06:14 +0000 (UTC) (envelope-from dweimer@dweimer.net) Received: from webmail.dweimer.net (24-240-198-187.static.stls.mo.charter.com [24.240.198.187]) by mx1.freebsd.org (Postfix) with ESMTP id 0FF2A202 for ; Thu, 24 Jan 2013 16:06:13 +0000 (UTC) Received: from www.dweimer.net (webmail.dweimer.local [192.168.5.1]) by webmail.dweimer.net (8.14.5/8.14.5) with ESMTP id r0OG66Aa043426 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Thu, 24 Jan 2013 10:06:06 -0600 (CST) (envelope-from dweimer@dweimer.net) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Date: Thu, 24 Jan 2013 10:06:06 -0600 From: dweimer To: FreeBSD Questions Subject: Squid 3.2 Reverse Proxy Problems on FreeBSD Organization: dweimer.net Mail-Reply-To: Message-ID: <81f88b6ec81cc621e0e54318fd80e567@dweimer.net> X-Sender: dweimer@dweimer.net User-Agent: Roundcube Webmail/0.8.1 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: dweimer@dweimer.net List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jan 2013 16:06:14 -0000 Is anyone running else running the Squid 3.2 branch on FreeBSD as a reverse proxy? Specifically using HTTPS and uploading data? The reason I ask, I have a server Running FreeBSD 9.0-p4 and Squid 3.1.21, all works I tried upgrading to a new server running FreeBSD 9.1 with Squid 3.2.6, thought everything was working, then we started getting complaints on to of the back end applications. Tracked the issue down to any submit forms on HTTPS, if somewhere between 2.2k and 3k it breaks, if the post is under that very small size instant success, if over that size the browser churns for a few minutes then returns a "Bad Request Your browser sent a request that this server could not understand." On the Squid side there is a TCP_MISS_ABORTED log entry that gets logged. The problem doesn't show up on HTTP, I can upload large files, tested up to 50M. I just wanted to see if any one else is successfully doing this, maybe something specific to my server build and I just need to start over. Both servers have been built from source, both using clang, including ports, except on gcc, open-vm-tools, and squid. They are both running on the same cluster of ESX 4.1 servers. Other than the FreeBSD version and Squid version the other difference is ZFS used on the file system for the FreeBSD 9.1 and UFS used for the FreeBSD 9.0-p4. I have already started a thread on the Squid mailing list on the issue as well, but haven't gotten any help yet. But now that I have the production setup going through the old server again, I can do some more testing and enable debugging and possibly get some useful information as to whats happening. -- Thanks, Dean E. Weimer http://www.dweimer.net/