Re: [squid-users] Problems accessing sites with very short DNS lifespan

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 14 Dec 2010 02:04:09 +0000

On Mon, 13 Dec 2010 15:27:00 +0000 (GMT), M A Young wrote:
> I have seen a couple of sites where access via squid is very slow. The
> issue seems to be that the time-to-live entry on their DNS record is 10
> seconds in one case, and 30 seconds in another, which I think means that
> squid is rechecking DNS frequently enough to slow things down. I worked
> around one of these by putting entries in /etc/hosts but this isn't very
> scalable. Are there any alternatives to this, perhaps some way of setting
> a minimum timeout for DNS records on squid, so it can cope with these
> strangely configured sites?
>
> Michael Young

If 1-2 packets every 10-30 seconds is causing a major slowdown then you
need to fix your DNS servers.

Are you doing NAT interception on these sites? That will at least double,
maybe triple, the DNS lag on every connection at the user's end.

There are some problems that just have to be pushed back at the admin who
created them. Bad DNS config is one. Best practice in DNS is not to drop
them under 60sec for anything short of a domain migration. 24hrs TTL with
multiple IP options if the servers are stable.

Amos
Received on Tue Dec 14 2010 - 02:04:24 MST
