[squid-users] squid does not work after ISP move.

From: Greg Whynott <greg@dont-contact.us>
Date: Mon, 10 Apr 2006 13:55:36 -0400

Hello,

please CC me on any follow ups as I no longer receive squid list emails.
thank you very much.

I have been using squid since the beginning of time (1999) and this is
the first show stopper I have ran into, nice work!!

Over the weekend we changed ISPs. the only thing changed on the network
was the physical ISP router the firewall was connected to, the
firewall was given a new IP on its external interface (ACLs remained the
same), the DMZ and internal hosts/network had no changes, excluding
DNS changes on the external DNS server, which does not service internal
queries. Both the old and new Internet solution came to us over multi
T1s (using OSPF to load share).

We tested over the weekend, everything seemed fine. From external
sites we could hit all of our DMZ services, from internally we could
send mail, everything else worked as expected also. I assumed because
we could load external web sites, all was well and time to go home.

Today, Monday, when I came into work there were several emails about
sites not loading. The common thing amount these sites was they seemed
to want to POST something. For example, you can not log onto webmail
servers using squirrelmail at all, gmail allows you to log on but not
send mail, yahoo mail is broken in the same way, and many other sites
will not load if they have forms or similar.

If I remove the proxy config from my browser, go direct to the site,
things work.

Any idea? attached is a tar.gz of the squid logs, the production squid
server is 2.5.STABLE8, and I just set up and tested 2.5.STABLE13 on
another server, same results. the logs are from the new proxy setup.
Below is a part of the debug log where it looks as if things might start
to go south (this is after restarting squid in debug mode:: squid -k
debug):

all the below has the same time stamp: 2006/04/10 13:08:06

 comm_poll: FD 15 ready for writing
 commHandleWrite: FD 15: off 0, sz 87.
 commHandleWrite: write() returns 87
 cbdataValid: 0x84d3340
 httpSendRequestEntry: FD 15: size 87: errflag 0.
 httpSendRequestEntryDone: FD 15
 httpSendRequestEntryDone: No brokenPosts list
 httpSendComplete: FD 15: size 0: errflag 0.
 commSetTimeout: FD 15 timeout 900
 cbdataUnlock: 0x84d3340
 comm_poll: 1+0 FDs ready
 comm_poll: FD 15 ready for reading
 httpReadReply: FD 15: len -1.
 httpReadReply: FD 15: read failure: (104) Connection reset by peer.
 fwdFail: ERR_READ_ERROR "Bad Gateway"
        http://notes.fqdn.com/src/redirect.php
 comm_close: FD 15
 commCallCloseHandlers: FD 15
 commCallCloseHandlers: ch->handler=0x807e350
 cbdataValid: 0x84d3340
 storeUnlockObject: key 'BA8D1FD8AECCBFEFC149B8D63E0D93C6' count=2
 cbdataFree: 0x84d3340
 cbdataFree: 0x84d3340 has 1 locks, not freeing
 cbdataUnlock: 0x84d3340
 cbdataUnlock: Freeing 0x84d3340
 commCallCloseHandlers: ch->handler=0x8071a30
 cbdataValid: 0x84d28e0
 fwdServerClosed: FD 15 http://notes.fqdn.com/src/redirect.php
 fwdStateFree: 0x84d28e0
 storeLockObject: key 'BA8D1FD8AECCBFEFC149B8D63E0D93C6' count=3
 creating rep: 0x84d7190
 init-ing hdr: 0x84d71d0 owner: 2
 0x84d71d0 lookup for 38
 0x84d71d0 lookup for 9
 0x84d71d0 lookup for 22
 errorConvert: %U --> 'http://notes.fqdn.com/src/redirect.php'
 errorConvert: %U --> 'http://notes.fqdn.com/src/redirect.php'
 errorConvert: %E --> '(104) Connection reset by peer'
 errorConvert: %w --> '5555@dkp.com'
 errorConvert: %w --> '5555@dkp.com'
 errorConvert: %T --> 'Mon, 10 Apr 2006 17:08:06 GMT'
 errorConvert: %h --> 'new0.dkp.com'
 errorConvert: %s --> 'squid/2.5.STABLE13'
 errorConvert: %S --> '
<BR clear="all">
<HR noshade size="1px">
<ADDRESS>
Generated Mon, 10 Apr 2006 17:08:06 GMT by new0.dkp.com (squid/2.5.STABLE13)
</ADDRESS>
</BODY></HTML>
'

Received on Mon Apr 10 2006 - 11:55:06 MDT

This archive was generated by hypermail pre-2.1.9 : Mon May 01 2006 - 12:00:02 MDT