Sorry for the noise, I was able to find the cause: we use "dstdomain"
ACLs and Squid does reverse lookups.
It seems that Cloudflare DNS servers do not respond to PTR requests, and
since Squid has the default "dns_timeout" value to 30 seconds...:
$ host www.wireshark.org
www.wireshark.org has
Hello all,
I have a strange problem where some TLS connections are delayed by 30
seconds when going through my transparent proxy with WCCP. This occurs
typically with sites behind Cloudflare (for example,
https://www.wireshark.org). No problem for Google websites for example.
I only want to
