Re: [squid-users] google misses with Squid - major problem

* Chris Robertson <crobertson@gci.com> [20050713 01:12]: wrote:
> > -----Original Message-----
> > From: Odhiambo Washington [mailto:wash@wananchi.com]
> > Sent: Tuesday, July 12, 2005 6:26 AM
> > To: squid-users@squid-cache.org
> > Subject: [squid-users] google misses with Squid - major problem
> >
> >
> >
> > I am having a strange problem with Squid. I run 2.5STABLE{9|10} in
> > a couple servers for my clients. The boxes are all FreeBSD. Squid
> > is run in acceleration mode since the boxes do transparent proxying.
> >
> > The boxes run at different locations. There are like 7 of them so far.
> >
> > Variously, users on those networks have contacted me with reports that
> > they cannot access google (Google redirects us to google.co.ke coz we
> > are in Kenya).
> >
> > The disturbing thing is that the boxes have worked before without any
> > problems, but after some time I have received these reports, from 4
> > sites! This is what shows in the access.log when this happens:
> >
> > 1120452181.031 428 192.168.4.14 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html
> > 1120458625.447 1403 192.168.4.37 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html
> > 1120541558.804 661 192.168.4.37 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html
> > 1120541568.228 341 192.168.4.37 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html
> > 1120555568.628 424 192.168.4.14 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html
> > 1120555587.197 357 192.168.4.14 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html
> > 1120555605.520 406 192.168.4.14 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html
> > 1120624519.863 2989 192.168.4.17 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html
> > 1120624523.116 315 192.168.4.17 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html
> > 1120624611.201 508 192.168.4.17 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html
> > 1120644171.539 493 192.168.4.29 TCP_MISS/503 1443 GET http://www.google.co.ke/ - NONE/- text/html
> >
> >
> > What could be the cause of this? Poisoned cache or what?
> >
> >
> >
> > -Wash
>
> What does the Squid error say for that page (what error do browsers see
> when using the proxy to get to www.google.co.ke)? The 503 error is
> cached (given the NONE in the 9th column), but that can be given for a
> number of reasons (Connection Failed, No DNS Entry, Permission Denied
> (on web server), actual server error, etc.). Put a request out to your
> clients to get a screen capture of the error.
>

Hello Chris,

Thank you for the response. I actually stumbled on the solution to my
problem. It happens that I was using the bogons aggregated[1] list on my
firewalls and I had not updated the bogons list for quite a number of
days as required and IANA seems to have given out 72.0.0.0/5 (or part
of) for assignments during this period of slumber ;)
google.co.ke falls within this CIDR and that is why I was having the
nightmares.

I feel so stupid I had to drag this to the squid list, but yes, your
suggestions took me to the FAQs and got me reading for the last 3 days,
leading to the discovery of my slumber. So thank you so much.

[1] http://www.cymru.com/Documents/bogon-bn-agg.txt

-Wash

--
+======================================================================+
    |\      _,,,---,,_     | Odhiambo Washington    <wash@wananchi.com>
Zzz /,`.-'`'    -.  ;-;;,_ | Wananchi Online Ltd.   www.wananchi.com
   |,4-  ) )-,_. ,\ (  `'-'| Tel: +254 20 313985-9  +254 20 313922
  '---''(_/--'  `-'\_)     | GSM: +254 722 743223   +254 733 744121
+======================================================================+
Coward, n.:
	One who in a perilous emergency thinks with his legs.
		-- Ambrose Bierce, "The Devil's Dictionary"