Re: [squid-users] BYPASS UPON FAILURE from ian j hart on 2008-03-30 (squid-users)

From: ian j hart <ianjhart@dont-contact.us>
Date: Sun, 30 Mar 2008 23:28:08 +0100

On Sunday 23 March 2008 13:28:26 Amos Jeffries wrote:
> ian j hart wrote:
> > On Sunday 23 March 2008 11:12:22 Amos Jeffries wrote:
> >> Tim Bates wrote:
> >>> K K wrote:
> >>>> For
> >>>> Windows/MSIE the setting can be done automatically by WPAD, DHCP, or
> >>>> GPO. For non-microsoft, this needs to be configured manually on each
> >>>> client.
> >>>
> >>> For non-MS browsers you can often still use WPAD (Firefox on Linux for
> >>> example can do that still).
> >>> You can also get a modified version of Firefox (made by FrontMotion)
> >>> that supports GPO for certain settings.
> >>>
> >>> TB
> >>
> >> The only real trouble with WPAD is that it has never been formally
> >> standardised.
> >> Microsoft products use only the 'obsolete' DHCP methods of WPAD.
> >
> > Are you sure about this?
> >
> > IIRC I'm using only DNS. Which is clunky, but it works. (XP)
>
> I'm not 100% on anything to do with WPAD, despite a few months
> experimenting with it and various setups.
>
> I last tried it with XP and 2k running IE 5.5 SP1 and WindowsUpdate
> 3-something or MicrosoftUpdate 1-something.
>
> What versions of IE, WindowsUpdate/MicrosoftUpdate have you seen working
> with WPAD-DNS?

Don't have a definitive list but IIRC I've run IE verisions from 4.2? to 6
this way.

I can tell you that there are a number of ways to get false negatives.

MS seem to break proxy support every time they release a new O/S, O/S service
pack, version of IE or IE SP. Wait for follow up patches or SUS/WUS/WSUS
updates before updating.

The client can mark the proxy as "bad" for 30m at time.
http://support.microsoft.com/kb/320507

Turn it off/on can help, i.e.

Close all IE, outlook/OE windows
Open an IE window
Deselect automatically detect... in LAN settings
Close the IE window (optionally reboot)
Open an IE window
Select automatically detect... in LAN settings
Try again.

That's what I mean by clunky.

>
> >> Linux/Mac/*BSD products use the easier but non-official DNS methods of
> >> WPAD.
> >>
> >> So you need to configure both methods for it to work properly on the
> >> network for all clients.
> >>
> >> Amos
>
> Amos

-- 
ian j hart

Received on Sun Mar 30 2008 - 16:28:34 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:05 MDT