[squid-users] zero sized reply

From: <[email protected]>
Date: Wed, 26 Mar 2003 14:48:09 -0600

I think I have thoroughly checked this out, and am stuck with this
problem.
Hotmail is not working for me through squid. I go to www.hotmail.com, get

redirected to the login page, I login and then in IE get the following
error:

"While trying to retrieve the URL:
http://lw10fd.law10.hotmail.msn.com/cgi-bin/hmhome?
The following error was encountered:
Zero Sized Reply
Squid did not receive any data for this request."

This has also happened while logged into Autodesk's website in the support
forums, and
while logged into the Dell website trying to download drivers. Otherwise
squid is working
perfectly.

This is my access.log at the time of one of these requests with debug set
to 33,2

1048709468.088 1 frishackv.buhler.com TCP_DENIED/407 1676 GET
http://www.hotmail.com/ - NONE/- text/html
1048709468.108 6 frishackv.buhler.com TCP_DENIED/407 1770 GET
http://www.hotmail.com/ - NONE/- text/html
1048709468.425 317 frishackv.buhler.com TCP_MISS/302 226 GET
http://www.hotmail.com/ buhler\jamie DIRECT/64.4.43.7 -
1048709468.437 3 frishackv.buhler.com TCP_DENIED/407 1760 GET
http://lc1.law13.hotmail.passport.com/cgi-bin/login - NONE/- text/html
1048709468.454 3 frishackv.buhler.com TCP_DENIED/407 1854 GET
http://lc1.law13.hotmail.passport.com/cgi-bin/login - NONE/- text/html
1048709469.052 598 frishackv.buhler.com TCP_MISS/302 525 GET
http://lc1.law13.hotmail.passport.com/cgi-bin/login buhler\jamie
DIRECT/64.4.43.7 text/html
1048709469.064 3 frishackv.buhler.com TCP_DENIED/407 1670 GET
http://ld.cb.msn.com/ - NONE/- text/html
1048709469.080 3 frishackv.buhler.com TCP_DENIED/407 1764 GET
http://ld.cb.msn.com/ - NONE/- text/html
1048709469.287 198 frishackv.buhler.com TCP_MISS/302 675 GET
http://ld.cb.msn.com/ buhler\jamie DIRECT/207.68.172.239 text/html
1048709469.533 245 frishackv.buhler.com TCP_MISS/200 1419 GET
http://loginnet.passport.com/login.srf? buhler\jamie DIRECT/65.54.226.254
text/html
1048709471.004 2 frishackv.buhler.com TCP_DENIED/407 1730 GET
http://login.passport.net/1033/L/PPIE.css - NONE/- text/html
1048709471.019 2 frishackv.buhler.com TCP_DENIED/407 1824 GET
http://login.passport.net/1033/L/PPIE.css - NONE/- text/html
1048709471.030 10 frishackv.buhler.com TCP_HIT/200 3974 GET
http://login.passport.net/1033/L/PPIE.css buhler\jamie NONE/- text/css
1048709471.247 217 frishackv.buhler.com TCP_MISS/404 258 GET
http://cb.msn.com/passport/cbhm_js.ashx? buhler\jamie
DIRECT/207.68.171.234 -
1048709471.271 5 frishackv.buhler.com TCP_DENIED/407 1763 GET
http://www.passportimages.com/logo_msnhmr_468x60.gif - NONE/- text/html
1048709471.287 6 frishackv.buhler.com TCP_DENIED/407 1763 GET
http://www.passportimages.com/1033/dotnetlogoBIG.gif - NONE/- text/html
1048709471.291 3 frishackv.buhler.com TCP_DENIED/407 1857 GET
http://www.passportimages.com/logo_msnhmr_468x60.gif - NONE/- text/html
1048709471.314 1221 frishackv.buhler.com TCP_MISS/200 15652 POST
http://login.passport.net/uilogin.srf? buhler\jamie DIRECT/65.54.225.244
text/html
1048709471.314 6 frishackv.buhler.com TCP_DENIED/407 1857 GET
http://www.passportimages.com/1033/dotnetlogoBIG.gif - NONE/- text/html
1048709471.484 236 frishackv.buhler.com TCP_MISS/200 366 GET
http://login.passport.net/images/T.gif buhler\jamie DIRECT/65.54.229.254
image/gif
1048709471.518 226 frishackv.buhler.com TCP_MISS/200 2257 GET
http://www.passportimages.com/logo_msnhmr_468x60.gif buhler\jamie
DIRECT/207.68.183.190 image/gif
1048709471.539 209 frishackv.buhler.com TCP_MISS/200 2184 GET
http://www.passportimages.com/1033/dotnetlogoBIG.gif buhler\jamie
DIRECT/207.68.183.190 image/gif
1048709471.548 227 frishackv.buhler.com TCP_MISS/200 368 GET
http://login.passport.net/images/yellow.gif buhler\jamie
DIRECT/65.54.229.246 image/gif
1048709478.124 2 frishackv.buhler.com TCP_DENIED/407 1673 CONNECT
login.passport.com:443 - NONE/- text/html
1048709478.139 2 frishackv.buhler.com TCP_DENIED/407 1767 CONNECT
login.passport.com:443 - NONE/- text/html
1048709478.616 476 frishackv.buhler.com TCP_MISS/200 1889 CONNECT
login.passport.com:443 buhler\jamie DIRECT/65.54.230.240 -
1048709478.628 2 frishackv.buhler.com TCP_DENIED/407 1682 CONNECT
loginnet.passport.com:443 - NONE/- text/html
1048709478.643 2 frishackv.buhler.com TCP_DENIED/407 1776 CONNECT
loginnet.passport.com:443 - NONE/- text/html
1048709479.146 503 frishackv.buhler.com TCP_MISS/200 2851 CONNECT
loginnet.passport.com:443 buhler\jamie DIRECT/65.54.226.247 -
1048709495.125 15927 frishackv.buhler.com TCP_MISS/503 1332 GET
http://www.hotmail.msn.com/cgi-bin/sbox? buhler\jamie DIRECT/64.4.52.7
text/html

Looked at FAQ section 11.16 ``Hot Mail'' complains about: Intrusion
Logged. Access denied.
``Hot Mail'' is proxy-unfriendly and requires all requests to come from
the same IP address. You can fix this by adding to your squid.conf:

        hierarchy_stoplist hotmail.com

-I added this, but since I am a standalone instance of squid this should
be irrelevant, right?

Looked through FAQ section 11.51 Why do I sometimes get ``Zero Sized
Reply''?
I don't see how anything there could be the source of the problem:

from FAQ:
1. An overloaded origin server.

-I get this error 100% of the times I try this, and have tried at various
times

2. TCP implementation/interoperability bugs.

-My linux box has otherwise no TCP issues, and the websites mentioned are
too large to have this be the issue

3. Race conditions with HTTP persistent connections.

-How would you go about testing this?

4. Buggy or misconfigured NAT boxes, firewalls, and load-balancers.

-cache box is behind a cisco PIX firewall that is performing NAT; is there
any possible issue here?
-note that there are only problems with these sites when going through the
squid proxy server.

5. Denial of service attacks.

-this is definetly not the issue here

from FAQ:
some things you can try to reduce the occurance of the Zero Sized Reply
error:

1. Delete or rename your cookie file and configure your browser to prompt
you before accepting any new cookies.

-tried this, no difference

2. Disable HTTP persistent connections with the
server_persistent_connections and client_persistent_connections
directives.

-When I disable both of these, I cannot connect to any websites, I get
error:
'Cannot find server or DNS Error
Internet Explorer'

3. Disable any advanced TCP features on the Squid system. Disable ECN on
Linux with echo 0 > /proc/sys/net/ipv4/tcp_ecn/.

-Disabled ECN with: echo 0 > /proc/sys/net/ipv4/tcp_ecn; no change

here is a tcpdump of my hotmail login session:

[root@Intranix tmp]# tcpdump -n -nn | grep ".443" (not sure if I'm
catching the whole session)
tcpdump: listening on eth0

tcpdump: listening on eth0
13:35:45.004443 192.168.4.32.37857 > 207.68.173.246.80: . ack 189 win 5896
<nop,nop,timestamp 83390161 97585292> (DF)
13:35:45.063737 192.168.4.32.8080 > 192.168.4.30.2891: P 1321:1764(443)
ack 402 win 5896 (DF)
13:36:11.176889 192.168.4.32.37863 > 65.54.231.240.443: S
1085405693:1085405693(0) win 5280 <mss 1320,sackOK,timestamp 83403562
0,nop,wscale 0> (DF)
13:36:11.284817 65.54.231.240.443 > 192.168.4.32.37863: S
2580426771:2580426771(0) ack 1085405694 win 64240 <mss
1380,nop,nop,timestamp 0 0,nop,nop,sackOK> (DF)
13:36:11.284879 192.168.4.32.37863 > 65.54.231.240.443: . ack 1 win 5280
<nop,nop,timestamp 83403617 0> (DF)
13:36:11.288742 192.168.4.32.37863 > 65.54.231.240.443: P 1:103(102) ack 1
win 5280 <nop,nop,timestamp 83403619 0> (DF)
13:36:11.400434 65.54.231.240.443 > 192.168.4.32.37863: P 1:943(942) ack
103 win 64138 <nop,nop,timestamp 25627 83403619> (DF)
13:36:11.400477 192.168.4.32.37863 > 65.54.231.240.443: . ack 943 win 6594
<nop,nop,timestamp 83403676 25627> (DF)
13:36:11.407650 192.168.4.32.37863 > 65.54.231.240.443: P 103:307(204) ack
943 win 6594 <nop,nop,timestamp 83403680 25627> (DF)
13:36:11.523259 65.54.231.240.443 > 192.168.4.32.37863: P 943:1010(67) ack
307 win 63934 <nop,nop,timestamp 25628 83403680> (DF)
13:36:11.530102 192.168.4.32.37863 > 65.54.231.240.443: P 307:1342(1035)
ack 1010 win 6594 <nop,nop,timestamp 83403743 25628> (DF)
13:36:11.530255 192.168.4.32.37863 > 65.54.231.240.443: P 1342:1432(90)
ack 1010 win 6594 <nop,nop,timestamp 83403743 25628> (DF)
13:36:11.640551 65.54.231.240.443 > 192.168.4.32.37863: . ack 1432 win
64240 <nop,nop,timestamp 25629 83403743> (DF)
13:36:11.641364 65.54.231.240.443 > 192.168.4.32.37863: P 1010:1148(138)
ack 1432 win 64240 <nop,nop,timestamp 25629 83403743> (DF)
13:36:11.645626 65.54.231.240.443 > 192.168.4.32.37863: FP 1148:1851(703)
ack 1432 win 64240 <nop,nop,timestamp 25629 83403743> (DF)
13:36:11.645831 192.168.4.32.37863 > 65.54.231.240.443: F 1432:1432(0) ack
1852 win 8478 <nop,nop,timestamp 83403802 25629> (DF)
13:36:11.696733 192.168.4.32.37864 > 65.54.225.254.443: S
1092815770:1092815770(0) win 5280 <mss 1320,sackOK,timestamp 83403828
0,nop,wscale 0> (DF)
13:36:11.752936 65.54.231.240.443 > 192.168.4.32.37863: . ack 1433 win
64240 <nop,nop,timestamp 25630 83403802> (DF)
13:36:11.805915 65.54.225.254.443 > 192.168.4.32.37864: S
601303812:601303812(0) ack 1092815771 win 17160 <mss
1380,nop,nop,timestamp 0 0,nop,nop,sackOK> (DF)
13:36:11.805971 192.168.4.32.37864 > 65.54.225.254.443: . ack 1 win 5280
<nop,nop,timestamp 83403884 0> (DF)
13:36:11.809619 192.168.4.32.37864 > 65.54.225.254.443: P 1:103(102) ack 1
win 5280 <nop,nop,timestamp 83403886 0> (DF)
13:36:11.919204 65.54.225.254.443 > 192.168.4.32.37864: . ack 103 win
17058 <nop,nop,timestamp 29869776 83403886> (DF)
13:36:11.926245 65.54.225.254.443 > 192.168.4.32.37864: P 1:946(945) ack
103 win 17058 <nop,nop,timestamp 29869776 83403886> (DF)
13:36:11.926286 192.168.4.32.37864 > 65.54.225.254.443: . ack 946 win 6615
<nop,nop,timestamp 83403946 29869776> (DF)
13:36:11.935114 192.168.4.32.37864 > 65.54.225.254.443: P 103:307(204) ack
946 win 6615 <nop,nop,timestamp 83403950 29869776> (DF)
13:36:12.043722 65.54.225.254.443 > 192.168.4.32.37864: . ack 307 win
16854 <nop,nop,timestamp 29869777 83403950> (DF)
13:36:12.051074 65.54.225.254.443 > 192.168.4.32.37864: P 946:1013(67) ack
307 win 16854 <nop,nop,timestamp 29869777 83403950> (DF)
13:36:12.059020 192.168.4.32.37864 > 65.54.225.254.443: P 307:1469(1162)
ack 1013 win 6615 <nop,nop,timestamp 83404013 29869777> (DF)
13:36:12.171137 65.54.225.254.443 > 192.168.4.32.37864: . ack 1469 win
17160 <nop,nop,timestamp 29869778 83404013> (DF)
13:36:12.189858 65.54.225.254.443 > 192.168.4.32.37864: P 1013:2266(1253)
ack 1469 win 17160 <nop,nop,timestamp 29869778 83404013> (DF)
13:36:12.189903 65.54.225.254.443 > 192.168.4.32.37864: P 2266:2813(547)
ack 1469 win 17160 <nop,nop,timestamp 29869778 83404013> (DF)
13:36:12.189938 192.168.4.32.37864 > 65.54.225.254.443: . ack 2813 win
11277 <nop,nop,timestamp 83404081 29869778> (DF)
13:36:12.190145 65.54.225.254.443 > 192.168.4.32.37864: F 2813:2813(0) ack
1469 win 17160 <nop,nop,timestamp 29869778 83404013> (DF)
13:36:12.190308 192.168.4.32.37864 > 65.54.225.254.443: F 1469:1469(0) ack
2814 win 11277 <nop,nop,timestamp 83404081 29869778> (DF)
13:36:12.298812 65.54.225.254.443 > 192.168.4.32.37864: . ack 1470 win
17160 <nop,nop,timestamp 29869779 83404081> (DF)

-My squid server IP is 192.168.4.32; Red Hat Linux 8.0, kernel 2.4.18-14;
squid 2.5-STABLE1 ; using NTLM authentication
-My test client is Windows xp pro SP1a with IE(version:
6.0.2048.1106.xpsp1.020828-1920)

Sorry for being so verbose, but I really need to know why my setup is
causing these problems.
Please, it is not helpful to simply say 'it works on my squid', some
people have already said
that hotmail is working for them.
I'm not trying to say that squid doesn't work, just need to know what I am
doing wrong.

Thanks for the great support given on this list

-jamie-
Received on Wed Mar 26 2003 - 13:47:17 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:21 MST