Re: Fwd: Re: pf: BAD state happens often with portsnap fetch update

From: Chuck Swiger <cswiger_at_mac.com>
Date: Wed, 27 Dec 2006 18:17:30 -0500
Colin Percival wrote:
> Max Laier wrote:
>> Another sollution, of course, would be to: Don't do that then.  It really 
>> seems wrong for a program to exhaust the outgoing port pool.
> 
> Portsnap tries to use a single HTTP/TCP connection for downloading large
> numbers of patches; the problem is being triggered by squid closing the
> HTTP connection after each file.

FYI, if you pass a:

   Connection: keep-alive

...header in the request, Squid will not close the client->proxy connection 
and you ought to be able to re-use it to make additional requests.

-- 
-Chuck

PS: Squid "supports HTTP/1.0 persistent connections", from which the HTTP/1.1 
style keepalives derive-- and quick testing suggests these persistent 
connections work with either HTTP/1.0 or 1.1 specified in the request.

However, please note that Squid apparently wants the original server to 
respond with a Content-length header, especially if the content is big enough 
to not be cached:

1-sec% telnet proxy 3128
Trying 192.168.1.2...
Connected to proxy.pkix.net.
Escape character is '^]'.
GET http://www.news.com HTTP/1.0
Connection: keep-alive

HTTP/1.0 302 Moved Temporarily
Date: Wed, 27 Dec 2006 23:08:53 GMT
Server: Apache/2
Location: http://news.com.com/
Content-Length: 204
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from sec.pkix.net
X-Cache-Lookup: MISS from sec.pkix.net:3128
Proxy-Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://news.com.com/">here</a>.</p>
GET http://www.news.com HTTP/1.1
Host: www.news.com
Connection: keep-alive

HTTP/1.0 302 Moved Temporarily
Date: Wed, 27 Dec 2006 23:09:19 GMT
Server: Apache/2
Location: http://news.com.com/
Content-Length: 204
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from sec.pkix.net
X-Cache-Lookup: MISS from sec.pkix.net:3128
Proxy-Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://news.com.com/">here</a>.</p>
</body></html>
GET http://news.com.com HTTP/1.1
Host: news.com.com
Connection: keep-alive

HTTP/1.0 200 OK
Date: Wed, 27 Dec 2006 23:00:14 GMT
Server: Apache/2.0
Accept-Ranges: bytes
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY 
ONL UNI FIN COM NAV INT DEM STA"
Content-Type: text/html
Expires: Wed, 27 Dec 2006 23:00:14 GMT
X-Cache: MISS from sec.pkix.net
X-Cache-Lookup: MISS from sec.pkix.net:3128
Proxy-Connection: close
[ ...HTML content snipped... ]
Connection closed.
Received on Wed Dec 27 2006 - 22:35:31 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:04 UTC