Re: [squid-users] 3.4.0.1 dnsreq statistics question from Amos Jeffries on 2013-07-31 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 01 Aug 2013 02:57:06 +1200

On 1/08/2013 12:56 a.m., Ralf Hildebrandt wrote:
> * Ralf Hildebrandt <Ralf.Hildebrandt_at_charite.de>:
>
>> Nameservers:
>> IP ADDRESS # QUERIES # REPLIES Type
>> ---------------------------------------------- --------- --------- --------
>> 224.0.0.251 122256 0 multicast
> Huh? The numbers account for what I'm seeing in my graphs.
> And indeed, I'm seeing queries on the net:
>
> % tcpdump -i eth1 host 224.0.0.251
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
>
> 14:41:00.546196 IP proxy-cvk-2-e.charite.de.49093 > 224.0.0.251.mdns: 44683+ PTR (QM)? 234.129.89.95.in-addr.arpa. (44)
> 14:41:00.546796 IP proxy-cvk-2-e.charite.de.49093 > 224.0.0.251.mdns: 15065+ PTR (QM)? 234.129.89.95.in-addr.arpa. (44)
> 14:41:00.879966 IP proxy-cvk-1-e.charite.de.50277 > 224.0.0.251.mdns: 38706+ PTR (QM)? 139.203.238.77.in-addr.arpa. (45)
> 14:41:00.880286 IP proxy-cvk-1-e.charite.de.50277 > 224.0.0.251.mdns: 3929+ PTR (QM)? 139.203.238.77.in-addr.arpa. (45)
>
> So what we are seeing here are two proxies querying IP addresses
> (client IP addresses?) using mDNS. But why?

Oh. Sorry I had forgotten .arpa. The mDNS spec simply says all rDNS
should go through mDNS as well so local servers are able to respond with
their hostnames if any of their IPs are requested.

>
> I don't have avahi running at all.
>
> proxy-cvk-1-e.charite.de.50277 points to squid:
>
> # netstat -tulpen |grep 50277
> udp 0 0 0.0.0.0:50277 0.0.0.0:* 13 1393747784 7832/squid
>
> According to the release notes:
>
> There is no additional or special configuration required. The
> multicast DNS group IP addresses for IPv4 and IPv6 resolving are added
> to the set of available DNS resolvers and used automatically for
> domain names ending in .local before attempting a secondary resolution
> on the configured resolvers. Domains without .local are resolved using
> only the configured DNS resolvers.
>
> Hm, so everything is working as expected. Can it be turned off?

Not in the current release.

Here is a patch which enables that and some extra details in the idns
report:
http://treenet.co.nz/projects/squid/patches/mdns_configurable_mk1.patch

Amos
Received on Wed Jul 31 2013 - 14:57:20 MDT

This archive was generated by hypermail 2.2.0 : Wed Jul 31 2013 - 12:00:05 MDT