On 18/10/10 19:58, Zeller, Jan (ID) wrote:
>>> I create a tunnel to my server that is running squid using ssh and
>>> running with a default (debian) configuration. My server is
>>> dual-stacked (public IPv4 and IPv6 addresses) while the client is a
>>> IPv4 only.
>>>
>>> Over the past few days I have been developing a website and found an
>>> oddity on what address is reported specifically from my laptop while
>>> using this tunnel. It appears that Squid is alternating between
>> using
>>> the IPv4 and IPv6 address (the destination website is also dual
>> stack)
>>> and as such was making it difficult for myself to deal with these
>>> sessions.
>>>
>>> So this appears to be happening because:
>>>
>>> * Squid is choosing to use IPv6 and IPv4 randomly /
>>> interchangeably causing server side session checking to fail (phpBB
>>> has an IP Address check for example)
>>>
>>> So my question are:
>>>
>>> * Did I miss something in the configuration file?
>
> hmm my squid boxes are also dual stacked and I was not able to force ipv4 precedence over ipv6 (see : /etc/gai.conf - http://tools.ietf.org/html/rfc3484)
>
Squid does not use the kernel resolver. And also does not (yet) read the
gai.conf file for its own use.
These settings can be achieved by setting the DNS resolver Squid uses as
its source to send IPs in the rfc3484 ordering you want. Squid will
still fetch AAAA before A though so rfc3484 only affects within a set of
same protocol IPs.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.8 Beta testers wanted for 3.2.0.2Received on Mon Oct 18 2010 - 13:27:57 MDT
This archive was generated by hypermail 2.2.0 : Mon Oct 18 2010 - 12:00:03 MDT