Hiya,
SITUATION:
As a lot of companies will struggle with we're cursed with a legacy of
internal and external services sharing the same domain space (seperate
authorative servers internally and externally). We have three domains that
services can exist on internally, these addresses are not advertised on
internet based DNS. Squid is setup also as a caching DNS server with
forwarders to the appropriate servers for the three internal domains as
well as a default for internet based resolution, this setup works perfectly
from the server command line. I can ping any non FQDN and get the correct
result (three domains in the resolv.conf search string as well as localhost
for nameserver) for internal servers as well as internet based FQDN's.
ISSUE:
The issue is that Squid does NOT apply the domain suffixes as specified in
resolv.conf for a non FQDN, it queries literally and fails. The
append_domain works perfectly for my purpose but i understand it can only
be used for one domain and not the three i require. As people send links
around for web based services that are simply
http://internalserver/site.html I'm a bit stuck as to how to resolve
against DNS correctly to return the result.
I do not want to implement (or continue to) browser based bypass lists as
the overhead is too high. It will be much cleaner if our proxy can
transparently redirect requests to the correct server on various internal
domains.
Hope this is clear, its my first post so go easy ;)
This e-mail contains privileged and confidential information intended for
the use of the addressees named above. If you are not the intended
recipient of this e-mail, you are hereby notified that you must not
disseminate, copy or take any action in respect of any information
contained in it. If you have received this e-mail in error, please notify
the sender immediately by e-mail and immediately destroy this e-mail and
its attachments.
"ATTENTION RECIPIENT This email may contain privileged, confidential and/or personal information and is intended only for the use of the addressee. If you are not the intended recipient of this email you must not disseminate, copy or take action in reliance on it. If you have received this email in error please notify the sender immediately and delete the email. The confidential nature of and/or privilege in the documents transmitted is not waived or lost as a result of a mistake or error in transmission. Any personal information in this email must be handled in accordance with the prevailing Privacy legislation in the country of receipt of this email. This email does not necessarily constitute an official representation of Tyco. The content of this email may be reviewed by Tyco and has been logged for archival purposes. Emails may be interfered with, may contain computer viruses or other defects and may not be successfully replicated on other systems. Tyco gives no warranties in relation to these matters."
Received on Fri Sep 18 2009 - 04:39:49 MDT
This archive was generated by hypermail 2.2.0 : Fri Sep 18 2009 - 12:00:03 MDT