Hello Donovan,
I tried as you told me to insert the following statements:
acl localsites dstdomain intranet ( where intranet is a server and not a network)
and
always_direct allow localsites
Now I get another error:
Der DNS-Server gab:
Name Error: The domain name does not exist.
If I try nslookup intranet exists, also if I trie with ping.
What\'s strange is that the error is that the domain does not exist, but intranet
is a host.
In cache.log there are the following lines
2002/08/06 08:02:15| Adding nameserver 10.53.5.8 from /etc/resolv.conf
2002/08/06 08:02:15| Adding nameserver 10.53.5.9 from /etc/resolv.conf
And this machines ARE my nameservers.
Thank you for you help
Andreas
Zitiere Donovan Baarda <abo@minkirri.apana.org.au>:
> On Mon, Aug 05, 2002 at 03:31:44PM +0200, Andreas Moroder wrote:
> > Hello,
> >
> > we use squid with a cache peer. Now I wnat to configure it the way it
> does
> > access directly all local servers.
> >
> > I tried this by adding the following lines to my squid.conf
> >
> > cache_peer_domain proxy.provinz.bz.it !se-nord.provinz.bz.it
> >
> > append_domain .se-nord.provinz.bz.it
> >
> > This way it should append the domain and then not use the
> cache_peer,
> > but it does not work. I allways get a error messages from my cache
> peer, that
> > servername.se-nord.provinz.bz.it in not reachable.
> >
> > What is wrong in my configuration ?
> > Is there a way to solve this without recompilation ?
>
> Looks like squid checks cache_peer_domain stuff before doing the
> append_domain.
>
> I\'d suggest using cache_peer_access and/or always_direct instead;
>
> acl localsites dstdomain localhost .se-nord.provinz.bz.it
> no_cache deny localsites #prevents caching of localsites
> always_direct allow localsites #goes direct for localsites
> cache_peer_access <peername> deny localsites #avoids <peername> for
> localsites
>
> You don\'t really need both cache_peer_access and always_direct, but I
> present both here to show you your options. cache_peer_access is better
> if
> you do have other peers that you do want to use for localsites.
> always_direct is better if you never want to use any peers for
> localsites,
> which is probably more common.
>
> If you find that this still doesn\'t work, then squid must be doing the
> acl
> checks before doing the append_domain. This would arguably be a bug in
> squid, but this can still be worked around by adding all the
> unqualified
> hostnames to the localsites acl;
>
> acl localsites dstdomain localhost
> acl localsites dstdomain .se-nord.provinz.bz.it
> acl localsites dstdomain <firsthostname>
> acl localsites dstdomain <secondhostname>
> acl localsites dstdomain <otherhostname>
>
> etc.
>
> The other way to do this is use a \"dst\" acl to specify subnets for
> localsites, but this will force DNS lookups for all requests, which is
> not
> normaly required for requests that go through peers.
>
> --
> ----------------------------------------------------------------------
> ABO: finger abo@minkirri.apana.org.au for more info, including pgp key
> ----------------------------------------------------------------------
>
>
--------------------------------------------------------
Dr. Andreas Moroder
Sanitätsbetrieb Brixen - Azienda Sanitaria di Bressanone
www.sb-brixen.it - www.as-bressanone.it
Received on Tue Aug 06 2002 - 00:26:55 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:09:31 MST