On 23/06/11 01:44, Peter Olsson wrote:
> Hello!
>
> We use Squid 3.1.12 on a couple of servers with IPv4 and IPv6.
> The servers are FreeBSD 8.1. Squid is installed from ports.
>
> This works fine, except for this web: www.informator.se
> www.informator.se has an AAAA address, but it doesn't seem to
> listen to it. Eventually the browser times out with this error:
> (51) Network is unreachable
>
On BSD you should only it this if the site has no A address either.
split-stack 3.1 uses IPv4-only links to servers unless the hack you
found (below) is added.
> But shouldn't Squid try the IPv4 address when the IPv6 address
> fails? If so, there is maybe something wrong with our config.
> The only IPv6 specific config we have is this (taken from the
> release notes of Squid 3.1):
> acl to_ipv6 dst ipv6
> http_access allow to_ipv6 !all
> tcp_outgoing_address x:x:x::x to_ipv6
> tcp_outgoing_address x.x.x.x !to_ipv6
>
> Is the failure on www.informator.se a bug/feature in Squid,
> or is the problem in our setup/config?
That hack requires its http_access line to be run. So preferrably that
is placed at the top of http_access list. This ensures that the
destination IP is always resolved early in processing and with luck
available to the outgoing address selection.
The solution to all these split-stack problems has just hit 3.2 series
this week in 3.2.0.9. We are working through the bunch of unexpected
problems right now. Any help welcome.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.12 Beta testers wanted for 3.2.0.9 and 3.1.12.3Received on Wed Jun 22 2011 - 14:34:02 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 22 2011 - 12:00:03 MDT