On Monday 09 February 2004 13:15, Rainer Traut wrote:
> Ok, here is the output of outgoing squid if to server.
> Please notice the 5sec delay between ie standstill and complete blocked
> domino server until I close my IE.


I see ~50 connections open from squid to domino,
all of them are being closed when you close IE.

Since I do not see tcpdump between IE and squid,
I can only guess that IE, too, kept ~50 open
connections to squid. You can verify this with
tcpdump and/or by viewing squid access log.

Why IE don't do it when you go direct? I don't know.
You may do detailed tcpdumps and try to spot differences
between direct/cached cases.

BTW. Is your squid transparent?

BTW#2. Why do you proxy https traffic at all?
What are you trying to achieve?

11:04:54.751905 10.0.0.22.30945 > 217.110.232.12.https: . ack 1 win 5840 =
(DF)
11:04:54.759791 10.0.0.22.30944 > 217.110.232.12.https: R 211:211(0) ack =
3138 win 14480 (DF)
11:04:54.767284 10.0.0.22.30952 > 217.110.232.12.https: S 1291454865:1291=
454865(0) win 5840 (=
DF)
11:04:54.767578 10.0.0.22.30952 > 217.110.232.12.https: . ack 1 win 5840 =
(DF)
=2E...here you close IE...
11:05:00.532545 10.0.0.22.30938 > 217.110.232.12.https: F 71:71(0) ack 1 =
win 5840 (DF)
11:05:00.683917 10.0.0.22.30901 > 217.110.232.12.https: F 1:1(0) ack 1 wi=
n 5840 (DF)
11:05:00.684375 10.0.0.22.30877 > 217.110.232.12.https: F 1:1(0) ack 1 wi=
n 5840 (DF)
11:05:00.684557 10.0.0.22.30534 > 217.110.232.12.https: F 1271438639:1271=
438639(0) ack 1486185834 win 5840 =
(DF)

IE DoSes your server. In this case inadvertently but still,
you have to take measures.
You probably should configure squid/Domino to limit number
of TCP connections from one IP, total number of open
connections and/or limit max connection lifetime.
--=20
vda