Lag in squid TCP_TUNNEL/200 access.log

squid response-time

I'm getting very high Squid response time (tr) with almost all status code TCP_TUNNEL/200 analyzing access.log in 3 servers on different costumers.

All was installed by me following the same procedure based on Ubuntu Server 16.04 LTS with automatic security updates activated. They was performing well as samba, bind, dhcp, ntp server by more than a year.

My research on the subject resulted in some blaming the delays to dns / ipv6 problems, so I slightly modified the log format for debugging in 1 of the 3 servers including "%dt": Total time spent making DNS lookups (milliseconds):

logformat mysquidlf    %ts.%03tu %-dt %tr %-40>A %Ss/%03>Hs %<st %rm %ru %[un %Sh/%<a %mt

So when some firefox PC open mail.google.com I see in access.log:

~$ cat /var/log/squid/access.log
1524000467.969 -   234039 mn-secretaria  TCP_TUNNEL/200 357198 CONNECT accounts.google.com:443 - HIER_DIRECT/172.217.30.173 -

You can see, the dns lag is "-" (that means zero from squid internal dns cache) and the not-logical response time 234039ms.

But when I test in server's and client's terminal the results looks normal:

user@server01:~$ wget https://mail.google.com

user@mn-secretaria:~$ wget https://mail.google.com

~$ cat /var/log/squid/access.log
1524000167.319 -   950 server01       TCP_TUNNEL/200 4350 CONNECT mail.google.com:443 - HIER_DIRECT/172.217.162.5 -
1524000167.640 160 739 server01       TCP_TUNNEL/200 67593 CONNECT accounts.google.com:443 - HIER_DIRECT/172.217.30.173 -
1524000266.950 -   931 mn-secretaria  TCP_TUNNEL/200 4351 CONNECT mail.google.com:443 - HIER_DIRECT/172.217.30.165 -
1524000267.300 -   658 mn-secretaria  TCP_TUNNEL/200 67710 CONNECT accounts.google.com:443 - HIER_DIRECT/172.217.30.173 -

As you can see, the dns lag is 160ms in the second log entry and "-" in the 3 others. And the response time between 739ms and 950ms.

Any help debugging this big difference in Squid response time?


Since the version 3.1.16, squid tries to resolver IPv6 DNS records (AAAA) first, and then fallback to IPv4 (A) records. This may be the cause of delay on IPv4-only networks.

Adding "dns_v4_first on" to your config file should help.

Related

Microsoft 365 Group email only being delivered to external addresses
How to change variables fed into a for loop in list form
Why Npm run watch giving to me TypeError: text.forEach is not a function
Pandas ffill() with average of before missing value and after missing value
Flutter/Dart - Open a view after a delay
setting up graphics.gloss haskell
indirect speech [duplicate]
Antonym of "advance"
Do negatives work algebraically? [closed]
What does "spectremancer" mean?
Word for an intense look
Is there a word or expression to describe when someone has learned a big word and is waiting for an opportunity to use it?