Per Jessen wrote:
I am debugging an issue with our transparent web proxy and I have a suspicion that some icmp redirects are being missed or not issued. I would like to see the route cache, all of it, but I can't find the right commands:
Displaying the routes for individual IPs works fine:
# ip route get 195.93.85.9 195.93.85.9 via 192.168.2.133 dev wlan0 src 192.168.3.22 cache <redirected> # ip route get 83.140.106.62 83.140.106.62 via 192.168.2.133 dev wlan0 src 192.168.3.22 cache <redirected>
# ip route show cache (shows nothing)
# ip route show cached (shows nothing)
# ip route show table cache (shows nothing)
I ended up using tcpdump to track which icmp redirects the system is receiving. Here is the issue: When loading a complex page such as a page of an on-line newspaper with ads, facebork etc., not all connections are being redirected. The page will typically pull on resources from 8-10 different places, but the browser ends up waiting for one of them which was not redirected. It's not the same one, it appears to be random. When the request times out and is retried, usually the redirect happens, but this means it takes 2 minutes to load a single page .... I have recently upgraded the firewall (which does the redirecting) to 13.1, and as it worked fine before, this is almost certainly a kernel/network issue with the newer kernel. I have checked that the redirects aren't somehow lost, so I know that every redirect being sent from the firewall is also seen by the client. It does however look like the redirect is sometimes ignored by the client, e.g. when I see two redirects for the same IP-address, but 2 minutes apart. It could be multiple requests, but surely not two minutes apart. Hmm, I guess I should be posting this to linux-kernel instead :-( -- Per Jessen, Zürich (5.7°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org