Hi All, Hope someone can shed some light on a problem I am experiencing... I can reproduce a "(104) Connection reset by peer" error consistently on a certain website when trying to login.
When the 502 bad gateway issue appears it looks like there is a missing FIN packet. I can access this site fine behind our company firewall, just have a problem when using squid proxy... here is a bit more info: Relevant lines in Squid access.log 1381271050.480 424 192.168.0.25 TCP_MISS/200 414 POST http://www.cmmsau.com/scripts/mms.dll/JAWS/MMS/acs/f_login - HIER_DIRECT/66.151.79.155 text/html 1381271050.838 297 192.168.0.25 TCP_MISS/502 3710 GET http://www.cmmsau.com/scripts/mms.dll/JAWS/MMS/acs/f_redirect? - HIER_DIRECT/66.151.79.155 text/html Here is a tcpdump: # tcpdump -i eth0 dst 66.151.79.155 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 16:53:53.462042 IP proxyserver.33784 > 66.151.79.155.http: S 264441315:264441315(0) win 5840 <mss 1460,sackOK,timestamp 447447258 0,nop,wscale 8> 16:53:53.665606 IP proxyserver.33784 > 66.151.79.155.http: . ack 258927824 win 23 <nop,nop,timestamp 447447462 0> 16:53:53.666037 IP proxyserver.33784 > 66.151.79.155.http: P 0:636(636) ack 1 win 23 <nop,nop,timestamp 447447462 0> 16:53:53.666217 IP proxyserver.33784 > 66.151.79.155.http: P 636:711(75) ack 1 win 23 <nop,nop,timestamp 447447462 0> 16:53:53.903639 IP proxyserver.33784 > 66.151.79.155.http: . ack 327 win 27 <nop,nop,timestamp 447447700 4801001> 16:53:54.028623 IP proxyserver.33784 > 66.151.79.155.http: P 711:1363(652) ack 327 win 27 <nop,nop,timestamp 447447825 4801001> # tcpdump -i eth0 src 66.151.79.155 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 16:55:17.007426 IP 66.151.79.155.http > proxyserver.34334: S 2581779361:2581779361(0) ack 350474126 win 16384 <mss 1380,nop,wscale 0,nop,nop,timestamp 0 0,nop,nop,sackOK> 16:55:17.225169 IP 66.151.79.155.http > proxyserver.34334: . ack 714 win 64822 <nop,nop,timestamp 4801834 447530601> 16:55:26.115901 IP 66.151.79.155.http > proxyserver.34334: P 1:327(326) ack 714 win 64822 <nop,nop,timestamp 4801924 447530601> 16:55:26.552923 IP 66.151.79.155.http > proxyserver.34334: . ack 1366 win 64170 <nop,nop,timestamp 4801928 447540018> 16:55:26.943813 IP 66.151.79.155.http > proxyserver.34334: R 327:327(0) ack 1366 win 0 Squid Cache: Version 3.3.9 configure options: '--prefix=/usr' '--includedir=/usr/include' '--datadir=/usr/share' '--bindir=/usr/sbin' '--libexecdir=/usr/lib/squid' '--localstatedir=/var' '--sysconfdir=/etc/squid' '--enable-auth' '--enable-auth-basic=ldap,getpwnam' '--enable-auth-ntlm=smb_lm' '--enable-external-acl-helpers=wbinfo_group,session' '--enable-removal-policies=heap,lru' '--enable-async-io' '--enable-storeio=aufs,ufs' '--enable-poll' '--enable-ntlm-fail-open' '--disable-ident-lookups' '--enable-delay-pools' '--disable-ipv6' --enable-ltdl-convenience I have played around with settings for ECN and Window Scaling but no luck... Any ideas guys? Cheers, John
