Re: [squid-users] DNS double query from dtom on 2004-04-13 (squid-users)

From: dtom <dtom@dont-contact.us>
Date: Tue, 13 Apr 2004 19:33:20 +0900

> On Fri, 9 Apr 2004, dtom wrote:
>
> > I got following snoop output and cache.log while accessing http://www.mail-archive.com/.
> > H.H.H.H is squid box IP and A.A.A.A is DNS IP.
> > You can see sets of double queries and responses. Query line was very quickly shown after
> > response line was shown.
> > Two "idnsRead: FD 6: received 124 bytes from A.A.A.A." are written to cache.log.
> > I don't want squid to query twice.
> >
> > # snoop -r -d hme0 port 53
> > Using device /dev/hme (promiscuous mode)
> > H.H.H.H -> A.A.A.A DNS C www.mail-archive.com. Internet Addr ?
> > H.H.H.H -> A.A.A.A DNS C www.mail-archive.com. Internet Addr ?
>
> Please include timing details. Have no use of these traces unless there is
> timing details.

OK.Here is snoop output with timing details.

# snoop -r -t d -d hme0 port 53
  0.01784 H.H.H.H -> A.A.A.A DNS C www.mail-archive.com. Internet Addr ?
  0.00004 H.H.H.H -> A.A.A.A DNS C www.mail-archive.com. Internet Addr ?
  0.00040 A.A.A.A -> H.H.H.H DNS R www.mail-archive.com. Internet Addr 211.9.244.15
  0.00001 A.A.A.A -> H.H.H.H DNS R www.mail-archive.com. Internet Addr 211.9.244.15
  0.00462 H.H.H.H -> A.A.A.A DNS C www.mail-archive.com. Internet Addr ?
  0.00004 H.H.H.H -> A.A.A.A DNS C www.mail-archive.com. Internet Addr ?
  0.00092 A.A.A.A -> H.H.H.H DNS R www.mail-archive.com. Internet Addr 211.9.244.15
  0.00002 A.A.A.A -> H.H.H.H DNS R www.mail-archive.com. Internet Addr 211.9.244.15
  0.00761 H.H.H.H -> A.A.A.A DNS C www.mail-archive.com. Internet Addr ?
  0.00004 H.H.H.H -> A.A.A.A DNS C www.mail-archive.com. Internet Addr ?
  0.00065 A.A.A.A -> H.H.H.H DNS R www.mail-archive.com. Internet Addr 211.9.244.15
  0.00001 A.A.A.A -> H.H.H.H DNS R www.mail-archive.com. Internet Addr 211.9.244.15

Squid queried ,and queried again soon(within 0.00004sec).

> > 2004/04/09 13:47:56| aclCheck: checking 'always_direct allow EADDR'
> > 2004/04/09 13:47:56| aclMatchAclList: checking EADDR
> > 2004/04/09 13:47:56| aclMatchAcl: checking 'acl EADDR dst D.D.D.D/12 E.E.E.E/16'
> > 2004/04/09 13:47:56| ipcache_gethostbyname: 'www.mail-archive.com', flags=1
>
> Ok, this I have not tried. Maybe there is some slight error in
> acl processing causing the double DNS lookup.

Why do you think so?
How can I see if there is some slight error in acl processing causing the double DNS lookup?

--
Tomi

Received on Tue Apr 13 2004 - 04:33:39 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT