The second log line on the last email shows that we are logging the
IP, in that case, google.
Our resolv.conf points to several DNS servers for our ISP, which all
seem to always have an immediate answer when we do an nslookup
manually.
Is squid caching negative dns queries? Is there a way to flush these?
Here is the text I am referring to as the last email.
Upgraded squid to 3.1.12
DNS is working from that machine, we are able to resolve both
www.carfax.com and carfax.com, and have even restarted squid after
looking those up.
From the squid log:
TCP_MISS/503 4367 GET http://www.carfax.com/ - DIRECT/www.carfax.com text/html
(which takes forever)
differs from something like google:
TCP_MISS/200 15049 GET http://www.google.com/ - DIRECT/74.125.93.147 text/html
Any advice? Our ISP did switch DNS servers recently (we switched at
the same time as the squid update) but we aren't seeing this behavior
with other sites.
On Tue, May 31, 2011 at 6:51 PM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> On Tue, 31 May 2011 14:57:20 -0500, William Bakken wrote:
>>
>> Upgraded squid to 3.1.12
>>
>> DNS is working from that machine, we are able to resolve both
>> www.carfax.com and carfax.com, and have even restarted squid after
>> looking those up.
>>
>> From the squid log:
>> TCP_MISS/503 4367 GET http://www.carfax.com/ - DIRECT/www.carfax.com
>> text/html
>> (which takes forever)
>
> Some, but not all, of their DNS resolvers are not responding. You will get
> varied responses depending on which NS your network are closest to, whether
> resolution is done over UDP or TCP (from your recursive resolver to theirs,
> Squid is not involved), and how long the timeout is waiting.
>
> From your log its not certain whether Squid is resolving or not
> (DIRECT/www.carfax.com). You may need to disable log_fqdn to see which
> server IP it is going to.
>
>
> On the delay problem... we have dropped the default/recommended dns_timeout
> to 30 seconds in 3.2. Down from 2 minutes. You can do this manually in 3.1
> for a bit better response times.
>
> Amos
>
>
Received on Wed Jun 01 2011 - 22:08:20 MDT
This archive was generated by hypermail 2.2.0 : Thu Jun 02 2011 - 12:00:02 MDT