[prev in list] [next in list] [prev in thread] [next in thread]
List: squid-users
Subject: Re: [squid-users] The system returned: (111) Connection refused;
From: deepa ganu <deepaganu () gmail ! com>
Date: 2016-05-27 15:15:11
Message-ID: CA+qV5kKsahx91qeejOpQha7+E50T9Xob=HVmOu6G9xMNguez=w () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
On May 27, 2016 5:43 PM, "Amos Jeffries" <squid3@treenet.co.nz> wrote:
>
> On 27/05/2016 8:55 p.m., deepa ganu wrote:
> > Hi
> > I am using squid as a reverse.
> >
> > #http_port 80 accel defaultsite=202.53.13.19
> > https_port 443 accel cert=/var/www/html/webrtc/imp/teleuniv.net.crt
> > key=/var/www/html/webrtc/imp/teleuniv.net.key
> > cafile=/var/www/html/webrtc/imp/intermediate.crt
defaultsite=202.53.13.19
> > no-vhost
> >
> >
> > #this ACL is url path specific which accepts only portal urls and deny
> > others.
> > acl portal urlpath_regex ^/portal6may
> > cache_peer 172.20.36.144 parent 80 0 no-query originserver
name=portalserver
> > cache_peer_access portalserver allow portal
> > cache_peer_access portalserver deny all
> > http_access allow portal
> >
> >
> > cache_peer 172.20.36.150 parent 443 0 no-query originserver ssl
> > sslflags=DONT_VERIFY_PEER login=PASS connection-auth=off name=teleuniv
> > acl our_sites dstdomain 202.53.13.19
> > http_access allow our_sites
> > cache_peer_access teleuniv allow our_sites
> > cache_peer_access teleuniv deny all
> >
> > SO when i try to access the url https://202.53.13.19/ I get the
following
> > error
> > "The following error was encountered while trying to retrieve the URL:
The
> > system returned: (111) Connection refused; The remote host or network
may
> > be down. Please try the request again."
> >
> > It only gives for 172.20.36.144 not for the urlpath acl.
>
> You have configured Squid to:
>
> 1) "no-vhost" - ignore the Host header the client sent indicating what
> domain name it was contacting.
It usually is vhost and the domain name is teleuniv.com but for testing
purposes we use public IP 202.53.13.19
>
> 2) defaultsite=202.53.13.19 - use "202.53.13.19" as the domain *name*
> for all requests received through that https_port.
>
> Why would you expect to see anything other than https://202.53.13.19 in
> the URL when you have configured those?
Didnt understand the above mentioned point
>
> > But this happens
> > only sometimes. When I physically go to that server (172.20.36.150) and
> > click on the wired connection (one of the LAN options using linux). It
> > works again. I am very confused
>
> Your use of "physically" seems to be incorrect. You walked up to the
> machine hardware and did what ?
> I logged in the machine and click on "wired connection"
> "Clicking" seems to be that you logged in (not physically) and changed
> something which affected how Squid was able to connect to it.
>
>
> All traffic with the domain name "202.53.13.19" and not the path
> "/portal6may" gets sent to the second cache_peer (172.20.36.150).
>
> So what do you expect to happen when the server 172.20.36.150 receives a
> request with Host: header domain name set to "202.53.13.19" ?
>I didn't understand the host: header part any references to understand
>
> It seems like the servers connectivity is a bit flakey and getting
> disconnected occasionally. But the wrong Squid configuration could be
> hiding some other issue.
> I read somewhere it happens when cache is full. Can u tell me what should
be cache size if my HDD 500 gb and 32 MB RAM
> Amos
>
> _______________________________________________
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-user
[Attachment #5 (text/html)]
<p dir="ltr"><br>
On May 27, 2016 5:43 PM, "Amos Jeffries" <<a \
href="mailto:squid3@treenet.co.nz">squid3@treenet.co.nz</a>> wrote:<br> ><br>
> On 27/05/2016 8:55 p.m., deepa ganu wrote:<br>
> > Hi<br>
> > I am using squid as a reverse.<br>
> ><br>
> > #http_port 80 accel defaultsite=202.53.13.19<br>
> > https_port 443 accel cert=/var/www/html/webrtc/imp/teleuniv.net.crt<br>
> > key=/var/www/html/webrtc/imp/teleuniv.net.key<br>
> > cafile=/var/www/html/webrtc/imp/intermediate.crt \
defaultsite=202.53.13.19<br> > > no-vhost<br>
> ><br>
> ><br>
> > #this ACL is url path specific which accepts only portal urls and deny<br>
> > others.<br>
> > acl portal urlpath_regex ^/portal6may<br>
> > cache_peer 172.20.36.144 parent 80 0 no-query originserver \
name=portalserver<br> > > cache_peer_access portalserver allow portal<br>
> > cache_peer_access portalserver deny all<br>
> > http_access allow portal<br>
> ><br>
> ><br>
> > cache_peer 172.20.36.150 parent 443 0 no-query originserver ssl<br>
> > sslflags=DONT_VERIFY_PEER login=PASS connection-auth=off name=teleuniv<br>
> > acl our_sites dstdomain 202.53.13.19<br>
> > http_access allow our_sites<br>
> > cache_peer_access teleuniv allow our_sites<br>
> > cache_peer_access teleuniv deny all<br>
> ><br>
> > SO when i try to access the url <a \
href="https://202.53.13.19/">https://202.53.13.19/</a> I get the following<br> > \
> error<br> > > "The following error was encountered while trying to \
retrieve the URL: The<br> > > system returned: (111) Connection refused; The \
remote host or network may<br> > > be down. Please try the request \
again."<br> > ><br>
> > It only gives for 172.20.36.144 not for the urlpath acl.<br>
><br>
> You have configured Squid to:<br>
><br>
> 1) "no-vhost" - ignore the Host header the client sent indicating \
what<br> > domain name it was contacting.<br>
It usually is vhost and the domain name is <a \
href="http://teleuniv.com">teleuniv.com</a> but for testing purposes we use public IP \
202.53.13.19<br> ><br>
> 2) defaultsite=202.53.13.19 - use "202.53.13.19" as the domain \
*name*<br> > for all requests received through that https_port.<br>
><br>
> Why would you expect to see anything other than <a \
href="https://202.53.13.19">https://202.53.13.19</a> in<br> > the URL when you \
have configured those?<br> Didnt understand the above mentioned point<br>
><br>
> > But this happens<br>
> > only sometimes. When I physically go to that server (172.20.36.150) and<br>
> > click on the wired connection (one of the LAN options using linux). It<br>
> > works again. I am very confused<br>
><br>
> Your use of "physically" seems to be incorrect. You walked up to \
the<br> > machine hardware and did what ?<br>
> I logged in the machine and click on "wired connection"<br>
> "Clicking" seems to be that you logged in (not physically) and \
changed<br> > something which affected how Squid was able to connect to it.<br>
> <br>
><br>
> All traffic with the domain name "202.53.13.19" and not the path<br>
> "/portal6may" gets sent to the second cache_peer (172.20.36.150).<br>
><br>
> So what do you expect to happen when the server 172.20.36.150 receives a<br>
> request with Host: header domain name set to "202.53.13.19" ?<br>
>I didn't understand the host: header part any references to understand <br>
><br>
> It seems like the servers connectivity is a bit flakey and getting<br>
> disconnected occasionally. But the wrong Squid configuration could be<br>
> hiding some other issue.<br>
> I read somewhere it happens when cache is full. Can u tell me what should be \
cache size if my HDD 500 gb and 32 MB RAM <br> > Amos<br>
><br>
> _______________________________________________<br>
> squid-users mailing list<br>
> <a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
> <a href="http://lists.squid-cache.org/listinfo/squid-user">http://lists.squid-cache.org/listinfo/squid-user</a></p>
[Attachment #6 (text/plain)]
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic