Home / server / Questions / 514597
In Process
daks
Asked: 2013-06-11 01:46:19 +0800 CST

Squid3 for Debian updates with upstream proxy

  • 772

I often need to setup new Debian servers, so I'm trying to setup a Squid proxy to cache apt-get updates/upgrades. But I always have a problem with some specific files it can retrieve.

Details:

  • i'm behing a proxy which is the only way to get access to internet. I don't know what software is used.
  • working on a ESX 5 : both squid server and clients
  • tried with squeeze and wheezy Debian release, booting on netinst CD or on network (PXE), with preseed configuration file or not

  • my Squid configuration looks like (parts of it)

    cache_peer      upstream_proxy.internal.domain.tld  parent  8080    0       no-query no-digest default
cache_replacement_policy        heap LFUDA
cache_dir ufs /var/spool/squid3 1000 16 256
maximum_object_size     200 MB
refresh_pattern .              0       20%     4320 refresh-ims

When running Debian installation, at first it works well (squid delivers packages correctly) but at one moment it tries to retrieve Packages.gz file and this one never gets delivered. I see the following entries in access.log (not sure if they always appears or not, seems not)

1370855387.060 950995 <internal IP> TCP_MISS/200 679695 GET http://ftp.fr.debian.org/debian/dists/squeeze/main/binary-amd64/Packages.gz - DEFAULT_PARENT/upstream_proxy.internal.domain.tld application/x-gzip
1370855542.916 947999 <internal IP> TCP_MISS/200 2247441 GET http://ftp.fr.debian.org/debian/dists/squeeze/main/binary-amd64/Packages.gz - DEFAULT_PARENT/upstream_proxy.internal.domain.tld application/x-gzip

If I use my upstream proxy directly in my Debian installer all works fine, so it must be a configuration problem but I can't figure what.

Anyone has an idea of what can be the problem or how I can debug it?

debian

1 Answers

  1. Your log entries are showing that the file is retrieved after a relatively long period of time (951 seconds / 947 seconds) but has differing length (679695 vs. 2247441 bytes) despite of the identical URI, which would indicate a problem. The transfer might be timing out after ~950 seconds and aborting - possibly forced by the upstream proxy.

    Check if you can retrieve the file successfully in sane time when not using Squid:

    export http_proxy="http://upstream_proxy.internal.domain.tld:8080"
wget http://ftp.fr.debian.org/debian/dists/squeeze/main/binary-amd64/Packages.gz

    and work from there isolating the issue. A tcpdump of the transfer between your Squid proxy instance and the remote proxy might help unclouding matters. Also, if available, check with the administrators / the technical support staff for the proxy you are using for possible causes for issues.

    • 1