Squid Web Cache wiki

Squid Web Cache documentation

🔗 Troubleshooting: Hotmail.com

🔗 Synopsis

This website contains several rather broken systems. As of March 2011 these problems have been known for most of a decade and left unfixed by the Webmasters.

🔗 Symptoms

🔗 Explanation

HTTP is designed as a relay model, with a built-in concept of proxies and defined behaviour. It operates with stateless requests. These details are important when considering the Hotmail website.

The Hotmail is one of many websites with a security system is designed assuming a model of end-to-end client-to-server connectivity.

This latter detail betrays a historic browser behaviour of finding an IP that works for the website and re-using it for many connections. Squid historically did load balancing across all DNS provided IPs.

Hotmail is not unique in having this problem. There are many smaller websites which also exhibit these bad security decisions. Hotmail is merely the most popular and thus well-known (and longest lasting) problem.

🔗 Workaround

There are several changes needed to work with Hotmail. Each with their own problems.

To force all client requests to go to a consistent IP address you must disable destination load balancing in all network Systems when connecting to Hotmail. Turned off the Squid balance_on_multiple_ip directive. Other load balancing software may or may not have similar controls.

To force all client requests to go to Hotmail with consistent IPs. You can do one of a few things:

Categories: KnowledgeBase

Navigation: Site Search, Site Pages, Categories, 🔼 go up