Re: [squid-users] Re: Appending multiple domains for non-FQDN DNS resolution from Amos Jeffries on 2009-09-29 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 30 Sep 2009 18:20:19 +1300

dmorton_at_tycoflow.co.nz wrote:
>
>
>
>
> I have now built another Squid server based on 3.0 STABLE19 but am
> experiencing the same results.
> I can resolve all non-FQDN addresses perfectly (across our three internal
> domains) from the server command line yet Squid refuses to query DNS based
> on the multiple search domains specified in resolv.conf. I have yet to
> disable Squid’s internal DNS as I read its far from the preferred setup in
> a modern install.
>
> Any ideas ?

Strange its should be.

Can you please provide me with a copy of your resolv.conf file and the
results of:
squidclient mgr:idns

(Thats the command line tester/manager for Squid)

If thats not showing anythign unusual can you also provide the cache.log
output when running some of these failing requests?
You will need to set "debug_options 78,9" in squid.conf to capture the
DNS actions during failure.

Thanks
Amos

>
>> Hiya,
>>
>> SITUATION:
>> As a lot of companies will struggle with we're cursed with a legacy of
>> internal and external services sharing the same domain space (seperate
>> authorative servers internally and externally). We have three domains
> that
>> services can exist on internally, these addresses are not advertised on
>> internet based DNS. Squid is setup also as a caching DNS server with
>> forwarders to the appropriate servers for the three internal domains as
>> well as a default for internet based resolution, this setup works
> perfectly
>> from the server command line. I can ping any non FQDN and get the correct
>> result (three domains in the resolv.conf search string as well as
> localhost
>> for nameserver) for internal servers as well as internet based FQDN's.
>>
>> ISSUE:
>> The issue is that Squid does NOT apply the domain suffixes as specified
> in
>> resolv.conf for a non FQDN, it queries literally and fails. The
>> append_domain works perfectly for my purpose but i understand it can only
>> be used for one domain and not the three i require. As people send links
>> around for web based services that are simply
>> http://internalserver/site.html I'm a bit stuck as to how to resolve
>> against DNS correctly to return the result.
>
> Upgrade your Squid. The ones released in the last year or so should be
> handling resolv.conf search properly.
>

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19
   Current Beta Squid 3.1.0.14

Received on Wed Sep 30 2009 - 05:20:28 MDT

This archive was generated by hypermail 2.2.0 : Wed Sep 30 2009 - 12:00:03 MDT