On 14/05/11 00:05, Javier Conti wrote:
> Hello,
>
> I have an internal Squid 3.1.12 proxy which has no direct access to
> any sites but instead forwards all request to a few external proxies
> (also Squid 3.1.12).
> To accomplish this, I have 4 cache_peers configured as parent and use
> the "never_direct allow all" directive.
>
> It mostly works as expected, but sniffing the network traffic, I see
> it's trying to resolve, with iDNS via the DNS server configured in
> /etc/resolv.conf, every request it handles.
> Those DNS servers have no access to root servers or to the outside
> world at all, so this proxy never gets a positive answer from the DNS.
>
> How can I completely disable DNS queries on the internal proxy, and
> let just the external proxies do the names resolution?
You have configured it to check the destination IP in a "dst" ACL.
Remove that ACL.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.12 Beta testers wanted for 3.2.0.7 and 3.1.12.1Received on Sat May 14 2011 - 05:38:29 MDT
This archive was generated by hypermail 2.2.0 : Sat May 14 2011 - 12:00:01 MDT