OK, I've seen this matter discussed a few times, but I have a system that
is still behaving somewhat unexpected
We have the following setup:
clients---->squid---->parent proxy (not squid)---->internet
we want squid to always talk to the parent proxy. Basically this works
after configuring the never_direct stuff: Squid always goes to the parent
proxy for http requests. But on the other hand squid always tries to
resolve hostnames in requested URLs before it passes the request to the
parent proxy. Only _after_ the DNS request has timed out (squid is not
allowed to talk to the DNS servers) the request ist passed to the parent
proxy.
The process looks like this:
client requests http://www.abc.com -> squid tries to resolve "www.abc.com"
-> squid waits for dns timeout -> squid passes http://www.abc.com to parent
proxy
Further request to the same server are fine, since squid does negative DNS
caching.
Thing is, squid actually does not need to do any DNS resolution at all, but
ist still tries to.
I have set the timeout for dns queries to 5 seconds and the dns negative
caching to 24 hours, so it basically works, but that's a workaround, not a
solution.
Can anyone come up with a solution, or at least an explanation?
(My guess is that maybe the neighbor selection algorithm is performed
before the never_direct-stuff is evaluated and squid tries to figure out
who might be the best peer for the request (No, I have not defined any
cache_peers other than the parent proxy))
i.A. Dipl. Math. Horst Mundt
Professional Communication
___________________________________________________
arxes Network Communication Consulting AG
Tel.: +49 221 96486 - 156
Fax: + 49 221 96486 - 202
Email: horst.mundt@arxes.de
WEB: http://www.arxes.de
___________________________________________________
Disclaimer
Diese E-Mail kann vertrauliche und/oder rechtlich geschützte Informationen
enthalten. Wenn Sie nicht der beabsichtigte Empfänger sind oder diese E-Mail
irrtümlich erhalten haben, informieren Sie bitte sofort den Absender tele-
fonisch oder per E-Mail und löschen Sie diese E-Mail aus Ihrem System. Das
unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht
gestattet. Wir haften nicht für die Unversehrtheit von E-Mails, nachdem sie
unseren Einflussbereich verlassen haben.
This e-mail may contain confidential and/or privileged information. If you
are not the intended recipient (or have received this e-mail in error) please
notify the sender immediately by call or e-mail and destroy this e-mail. Any
unauthorised copying, disclosure or distribution of the material in this
e-mail is strictly forbidden. We are not responsible for the integrity of
e-mails after they have left our sphere of control.
Received on Wed Mar 03 2004 - 09:52:55 MST
This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:01 MST