Public bug reported: While issuing a POST login request to the website http://portal.greatsouthernwood.com it was noticed it would hang for several minutes until finally a timeout occurred. Topology of environment:
Client --> Squid --> FortiGate --> DSL Upon pcap investigation we noticed the following series of events: 1. POST request from squid to FortiGate 2. FortiGate sends a TCP ZeroWindow to pause connection for webfilter function(by design) 3. FortiGate immediately sends TCP Window Update to continue 4. Squid does not retransmit for 2 minutes. No ACK was seen by the initial POST so Squid should have triggered a retransmit based on its' retransmit timeout, which is surely not 2 minutes. I have screenshots showing the interesting streams. (will upload if possible) retransmit-broken.png -- when issue happens retransmit-working.png -- when issue doesnt happen(expected behavior) the 10.x address is the squid server...this is occurring in approximately 2000 environments running squid all on different providers, so it's definitely not isolated to one device. Any assistance in figuring this out would be appreciated. It should be noted when we disable the webfilter on the FortiGate, there are no more tcp zerowindows being sent, therefore the issue goes away...so it really does appear to affect things due to that flag. This is occurring with Squid only on Ubuntu(tried on other distros to recreate and haven't been able to), therefore I wonder if it's something with the OS itself. OS: (Ubuntu 12.10) Squid: 3.1.20 Adding image links of pcaps taken: http://imageshack.us/photo/my-images/10/retransmitbroken.png/ http://imageshack.us/photo/my-images/401/retransmitworking.png/ ** Affects: squid (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to squid in Ubuntu. https://bugs.launchpad.net/bugs/1155752 Title: TCP Re-Transmits not occurring reliably after a ZeroWindow/WindowUpdate. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/1155752/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
