RE: [squid-users] Squid DNS internal client

From: <anita.sivakumar_at_wipro.com>
Date: Thu, 10 May 2012 08:24:09 +0000

Hi Amos,

Thanks for the reply. I have one question about this mDNS or multicast DNS.
Sorry, I am new to this DNS server concept. So please bear with me.
Based on my understanding, suppose I have a DNS server installed, and it does not have the name resolution for a particular site, I believe it will forward the request to various DNS servers outside the network. Am I correct?
Now, if I use internal DNS client in squid and specify the DNS nameserver in the squid.conf, will it attempt to forward the request to other DNS servers if it is not found in that particular DNS nameserver or is that part not concerned with Squid?

And I believe each DNS server will have its own cache as such. In that case will it be copied on to the Squid's internal IP cache (hash table?) whenever a lookup is resolved? How different is the ipcache in this case from the DNS cache? I see from the Squid start up log that the /etc/hosts is automatically copied to the ipcache table.

Thanks.

Regards,
Anita
 
-----Original Message-----
From: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
Sent: 10 May 2012 05:33
To: squid-users_at_squid-cache.org
Subject: Re: [squid-users] Squid DNS internal client

On 10.05.2012 01:57, anita wrote:
> Hi All,
>
> Can someone throw some light on how the Squid DNS internal client
> works?

Squid passes the API a hostname or IP. It generates a packet according
to DNS specifications, using FQDN search-list construction if necessary,
sends packets to a list of NS and validates the response before sending
a list of IPs or FQDN back to the waiting Squid component.


>
> I came across this:
>
> Disadv of using internal client
> Can use only the DNS nameservers mentioned in the squid.conf file for
> resolution. If it is not present there, it will give a DNS error.

That is the disadvantage of the external client, not the internal.
It can EITHER use the dns_nameservers list OR the system default
(/etc/resolv.conf) list, not both.

>
> Adv of using external client (uses system libraries: sys calls like
> gethostbyname, ..)
> Can use DNS nameservers + etc/hosts or WINS, etc. for lookup depending on
> configuration if nameservers report negative.
>
> (courtesy:
>
> http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/web-squid-dns-client-options.html)
>
> But what I don't understand is, I am using only DNS internal client for my
> squid. But I have not configured any nameservers and hence did not mention
> that in my squid.conf. In this case, it is anyway reading from /etc/hosts
> file. So how is it different from the external DNS client except for the ttl
> part?
> I especially don't understand the advantage of using the external client,
> i.e. it can look up outside nameservers. I believe in my case, it is any way
> looking up into etc/host file when I use the internal client.


That info was written for Squid-2.3. Current Squid uses the /etc/hosts
file, config dns_nameservers list, the system /etc/resolv.conf list, and
on Windows the registry listed DNS servers for the internal client.

The one remaining disadvantage to the internal client is that it does
not use Bonjour or mDNS lookups like most default system resolvers use.
Since the external process uses the system default resolver library it
gets that functionality as basic. However this can be worked around by
pointing at a local resolver process that gateways regular DNS packets
to those services.

Amos

Received on Thu May 10 2012 - 08:24:18 MDT
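
Added example, not part of the thread and not Squid's own code: a Python sketch of the resolver-source selection Amos describes for the internal client (the `dns_nameservers` list if set, otherwise the `/etc/resolv.conf` list, never both, with `/etc/hosts` entries loaded as static names). The file contents are constructed samples, the function names are hypothetical, and the Windows registry case is left out.

```python
import ipaddress

# Constructed sample inputs (not taken from any real host).
SQUID_CONF = """\
http_port 3128
# dns_nameservers 192.0.2.53 192.0.2.54
"""
RESOLV_CONF = """\
# constructed resolv.conf
search example.test
nameserver 198.51.100.1
nameserver 198.51.100.2
"""
HOSTS = """\
127.0.0.1   localhost
192.0.2.10  intranet.example.test intranet   # trailing comment
"""

def _lines(text):
    """Yield the whitespace-split fields of each non-empty line, '#' comments stripped."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if fields:
            yield fields

def nameservers(squid_conf, resolv_conf):
    """Return (source, servers): dns_nameservers if set, else resolv.conf; never both."""
    configured = [ip for f in _lines(squid_conf)
                  if f[0] == "dns_nameservers" for ip in f[1:]]
    if configured:
        source, servers = "squid.conf dns_nameservers", configured
    else:
        source = "/etc/resolv.conf"
        servers = [f[1] for f in _lines(resolv_conf)
                   if f[0] == "nameserver" and len(f) > 1]
    for ip in servers:
        ipaddress.ip_address(ip)  # raises ValueError on a malformed entry
    return source, servers

def hosts_preload(hosts):
    """Map each name in the hosts file to its addresses (static, no DNS query needed)."""
    table = {}
    for addr, *names in _lines(hosts):
        ipaddress.ip_address(addr)
        for name in names:
            table.setdefault(name.lower(), []).append(addr)
    return table

if __name__ == "__main__":
    print(nameservers(SQUID_CONF, RESOLV_CONF))
    print(nameservers(SQUID_CONF.replace("# dns", "dns"), RESOLV_CONF))
    print(hosts_preload(HOSTS))
```

Running it against a proxy's real files shows which resolvers the proxy will trust for answers and which names are pinned by the hosts file.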
