Using squid as a WCCP cache - getting "the connection has been reset" errors

her209

No Lifer
Oct 11, 2000
56,352
11
0
I have a CentOS 5.8 distro with squid installed running as a WCCP cache for a Cisco router. Had a hell of a time getting it to work, but its working now. But, now I am constanntly getting "The connection has been reset" error pages. Refresh a couple times and eventually it'll display the page. I'm assuming its because when the client sends the HTTP GET request to the destination HTTP server, it has to set up a TCP handshake first, but gets redirected by the router to the WCCP cache but the squid proxy server is too slow and a SYN timeout occurs, i.e., the client doesn't get the ACK response in time and the connection is closed.

I have a running tcpdump of the packets (mainly the GRE packets and the WCCP keepalives) sent between the router and the WCCP cache server and another tcpdump that displays any packets with source/destination port 80.

When I specify within the browser to use the squid server as a proxy server, I don't see the connection reset errors.
 
Last edited:

PCTC2

Diamond Member
Feb 18, 2007
3,892
33
91
I use squid as a transparent cache on my gateway server. As with you, I noticed connection issues, and points where the squid server would throw up a connection error. It never happened if I directly connected to the webproxy at 3128.

As you guessed, it has to do with the redirection. What is your maximum object size for your cache? I had mine set to 800MB (819200 KB in the conf file) and I bumped the cache size down to 10GB from 20GB with the maximum object size to 100MB (102400 KB in the conf) and I haven't noticed an issue since. I think it was the speed at which the cache was responding, and the large objects filling it and the large cache to manage, my weak gateway couldn't handle it.

They generally recommend a cache size of 6000-7000 MiB, but I had an SSD for caching so I thought I'd set it higher.