+ Post New Thread
Results 1 to 3 of 3
*nix Thread, Squid won't handle more than x sessions to a site in Technical; Here is a funny one, have a Fedora server running Squid in transparent proxy mode. It uses 'chains'? to foward ...
  1. #1

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,270
    Thank Post
    884
    Thanked 2,747 Times in 2,321 Posts
    Blog Entries
    11
    Rep Power
    785

    Squid won't handle more than x sessions to a site

    Here is a funny one, have a Fedora server running Squid in transparent proxy mode. It uses 'chains'? to foward from port 80 internally to the proxy. The issue is that with certain sites it can only handle exactly x number of sessions then fails for the next client. Unfortunatly the site is used for class lots of testing and x < class size.

    I have looked through the squid.conf and there are no session limits set, it could be a bandwidth constraint but it seems odd that it would present at exactly x users each time. Addidionally ISA handles it fine as another site so I am guessing that it is a misconfiguration or limitation(unlikely) of Squid. I think that the site may use SSL for certain parts incase this could effect it.

    Any helpful hints?
    Last edited by SYNACK; 9th November 2010 at 06:49 AM.

  2. #2


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,491
    Thank Post
    868
    Thanked 855 Times in 675 Posts
    Rep Power
    197
    If you are using transparent proxy, the SSL bits must be going elsewhere. Maybe that's got something to do with it?
    Is there any connecting factor between all these sites? Sometimes sites upstream get tetchy when all your traffic appears to come from one IP - definitely seen this where it's an LA provided site and the school in question is on a separate ISP.

  3. Thanks to tom_newton from:

    SYNACK (9th November 2010)

  4. #3

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,270
    Thank Post
    884
    Thanked 2,747 Times in 2,321 Posts
    Blog Entries
    11
    Rep Power
    785
    Thats a point I did not check the chains for 443, the site itself should be fine as it is designed to be used by schools with single IPs, unfortunately it is not very fault tolerant and unless you are proxied you can never fit a whole class on a NZ grade internet link (<- nicest way I can put it).

    Its just the one site that is the issue but as it is mandated for testing not having it working causes issues. I had not even thought of the fact that SSL based traffic would not be possible to proxy so I'm assuming that squid just passes it through untouched. Any likelyhood of an SSL session limit stored somewhere weird. My main area is pretty much Windows so although I know enough to find out whats running and look for the basics anything above that is over my head for the time being.



SHARE:
+ Post New Thread

Similar Threads

  1. SQUID issue, anyone good with squid?
    By bart21 in forum Internet Related/Filtering/Firewall
    Replies: 4
    Last Post: 23rd April 2010, 10:12 AM
  2. How do you handle student owned laptops?
    By mctnguy in forum How do you do....it?
    Replies: 19
    Last Post: 3rd March 2010, 12:49 PM
  3. How does your school handle purchases?
    By RallyTech in forum How do you do....it?
    Replies: 11
    Last Post: 6th November 2009, 09:08 PM
  4. how would you handle this?
    By Little-Miss in forum General Chat
    Replies: 17
    Last Post: 5th October 2009, 10:20 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •