Re: [squid-users] Re: Squid Reverse Proxy cannot open ports

From: Antony Stone <Antony.Stone_at_squid.open.source.it>
Date: Wed, 17 Jul 2013 12:38:20 +0200

On Wednesday 17 July 2013 at 12:27:48, jc.yin wrote:

> Okay, what I've done is I've setup a very basic Squid accel setup according
> to the instructions. I have my main server hosted elsewhere, I have a local
> server setup for Squid accel.
>
> Now the only part I'm still confused is this part
>
> "To test your reverse proxy implementation you must set up Squid the same
> way it would be configured for production, except that the public DNS
> setting should no be pointing at it. You can configure test machine ‘s
> /etc/hosts file to send the requests directly to IP of squid instead of
> weberserver’ s IP.
>
> If everything goes OK, you should update the public DNS to send public
> requests to the Squid proxy instead of the web server and Acceleration will
> start instantly."
>
>
> My question is, how do I "update the public DNS to send public requests to
> the Squid proxy instead of the web server"? Where in ubuntu do I change
> this?

If this machine is your public DNS server (by which I mean the machine which
contains the authoritative zone file for your domain, which will be consulted
when anyone on the Internet looks up the IP address for your website), then
you should look in /etc/bind (and probably named.conf.local there) to find out
the file which contains the appropriate zonefile.

However, the very fact that you ask this question makes me suspect that you
are not running the authoritative public DNS server for the domain on this
machine.

Just to be clear what the instruction is talking about - it means changing the
DNS server/s which *the entire Internet* looks at to find out the IP address of
your web server.

If you really do want to change that information, you will need to find out who
is in charge of that DNS server/s. A good way to start is with:

# whois domain.com <-- substitute the domain we're talking about here

See who the contact details are - it may be a colleague of yours. Make sure
you do the following command from a machine which has an external DNS server
in /etc/resolv.conf (perhaps your ISP's):

# dig ns domain.com <-- substitute the domain again

This will tell you which name server/s the Internet thinks it can get answers
about your domain from. You need to work out or find out who can make changes
to those machines.

Regards,

Antony.

-- 
Renè Descartes walks in to a bar. The barman asks him "Do you want a drink?"
Descartes says "I think not," and disappears.
                                                     Please reply to the list;
                                                           please don't CC me.
Received on Wed Jul 17 2013 - 10:38:30 MDT

This archive was generated by hypermail 2.2.0 : Wed Jul 17 2013 - 12:00:19 MDT