RE: [squid-users] Is OpenDNS efficient for squid?

Dear All,

I was reading the article, but I guess it's too old. Can anybody update me Still Squid can't handle SSL(https) Pages?

http://www.squid-cache.org/mail-archive/squid-users/200907/0073.html

HTTP port 80 can be intercepted. Or other known plain HTTP port if you
are very certain of them.

HTTPS is encrypted. Thats what the 'S' means (Secure over SSL).

You _cannot_ intercept an encrypted transaction and expect a plain-text
HTTP processor to handle it.

-----Original Message-----
From: J. Webster [mailto:webster_jack_at_hotmail.com]
Sent: Monday, February 08, 2010 7:05 PM
To: swright_at_shawnigan.ca; squid-users_at_squid-cache.org
Subject: RE: [squid-users] Is OpenDNS efficient for squid?

I have put the nameservers into squid.conf. However, today I received the same error.
Squid times out on the following site https://www.skyplayer.com This is the dig result:
[root@# dig skyplayer.sky.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> skyplayer.sky.com ;; global options:  printcmd ;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35479 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;skyplayer.sky.com.             IN      A

;; ANSWER SECTION:
skyplayer.sky.com.      300     IN      CNAME   wildcard.sky.com.edgekey.net.
wildcard.sky.com.edgekey.net. 21600 IN  CNAME   e3228.b.akamaiedge.net.
e3228.b.akamaiedge.net. 20      IN      A       92.123.93.52

;; Query time: 162 msec
;; SERVER: 213.171.192.249#53(213.171.192.249)
;; WHEN: Mon Feb  8 13:57:05 2010
;; MSG SIZE  rcvd: 126

If dig works and nslookup gives:
[root@]# nslookup skyplayer.com
Server:         213.171.192.249
Address:        213.171.192.249#53

Non-authoritative answer:
Name:   skyplayer.com
Address: 80.238.9.232

Any reasons why squid won't resolve it?

----------------------------------------
> Date: Sun, 7 Feb 2010 19:03:09 -0800
> From: swright_at_shawnigan.ca
> To: squid-users_at_squid-cache.org
> Subject: Re: [squid-users] Is OpenDNS efficient for squid?
>
> ----- "Dieter Bloms" wrote:
>> Hi,
>>
>> On Sun, Feb 07, J. Webster wrote:
>>
>>> Is there any problem with using opendns server as the dns_nameserver in squid?
>>> Is it slower than using the local hosts namersevrers?
>>> I have an issue with dns timeouts for 1 or 2 websites and am having to restart the dns cache (nscd) every 6 hours to flush it.
>>> I thought adding the nameservers to the squid.conf would bypass this issue.
>>
>> you can savely disable nscd.
>> I had some trouble with nscd till I disabled it.
>> I think you don't get any performance issues.
>>
>>
>> --
>> Gruß
>>
>> Dieter
>
> We switched to OpenDNS in December, after years of using our own djbdns servers, and have not seen any issues. The server provides access to 650 campus users over a 1Gb link, with typically 100Req/s throughout the day. Our hope is that OpenDNS will reduce the time spent on ACL maintenance in squid, and allow us to drop some ACLs completely.
>
> --
> Shawn Wright
> I.T. Manager, Shawnigan Lake School
> http://www.shawnigan.ca
                                               
_________________________________________________________________
Tell us your greatest, weirdest and funniest Hotmail stories http://clk.atdmt.com/UKM/go/195013117/direct/01/
Received on Mon Feb 08 2010 - 16:46:14 MST