RE: [squid-users] DNS cache-only server question

From: Pablo Sanchez <pablo@dont-contact.us>
Date: Tue, 18 Sep 2001 22:01:12 -0600

I understand what you're saying but I don't believe some of your
points are 100% correct. I'm not trying to bite the gift horse in the
mouth mind you. :)

I did an 'strace' on ping to see what it's doing. I can see that it's
also 'talking' to port 53 as is SQUID.

In the SQUID ../lib/rfc1035.c library, I see that we call
'rfc1035BuildAQuery' when given a supposed FQDN. Uncommenting the
'main' I'm able to replicate my 'problem'.

I believe if I can pass the same flags that 'ping' is passing to
named, I should be able to 'hack' the underlying routine to get what I
need done.

So why do I need this done? I realize that it's an RFC violation but
the RFC didn't consider the situation where I'm in a test environment.
Basically, our application is a web app with an apache web server. It
answers to CNAME'd values for our different customers and presents
them with a different 'look' based on these DNS values. We're in the
middle of QA (yes, amazing that s/w companies still do this! :), and
I need to run through some of our QA sites.

For instance:

        qa-one.foobar.com -> look 'n feel #1
        qa-one.foobar.com -> look 'n feel #2

My problem is that I'm using StarBand now that my ISP kicked its heels
up. StarBand has a proxy server too and it rightly insists on FQDNs as
does SQUID. However, I need to test (even though I don't want to, but
that's another story isn't it? :) so I need to 'fake' out SQUID.

Prior to this, I had DSL and was able to get everything working.

I'm not a purist per se, just need to get my work done and am falling
behind.

I think what you propose will work but I'm thinking of worst case
hacking rfc1035.c to inspect /etc/hosts for values before going to
named. Best case, I can check out ping's source code and see what it
sends to named.

Hope that helps.

---
Pablo Sanchez         mailto:pablo@purecarbon.com
Ph  : 303.939.8897       Fax: 603.720.7723
Cell: 303.717.5889
> -----Original Message-----
> From: Colin Campbell [mailto:sgcccdc@citec.qld.gov.au]
> Sent: Tuesday, September 18, 2001 9:41 PM
> To: Pablo Sanchez
> Cc: squid-users@squid-cache.org
> Subject: RE: [squid-users] DNS cache-only server question
>
>
> Hi,
>
> I'm starting to get confused. Exactly what are you trying to achieve?
> Before you answer that though, what you must understand is that when
> you define a CNAME you do so in the domain for which the file is the
> authoritative data. So, when you have, for example
>
> named.conf:
>
> 	zone "hairball.com" {
> 		file "db.hairball";
> 		type master;
> 	};
>
> db.hairball:
>
> 	...
> 	qa-one.foobar.com	IN CNAME web2.hairball.com.
>
> you are defining qa-one.foobar.com.hairball.com. You are NOT defining
> qa-one.foobar.com. When you use ping, it asks the DNS for the IP for
> qa-one.foobar.com.hairball.com. That's because it calls gethostbyname()
> which (possibly after consulting some resolution configuration switch
> file) will ask the DNS for the FQDN (qa-one.foobar.com.hairball.com)
> which your DNS as you have configured it, knows about. gethostbyname()
> is designed to be "user friendly" and calls the resolver routine
> res_search() which will read and parse /etc/resolv.conf looking for
> "domain" or "search" directives and applying the returned domain(s),
> modifying the search at each go until it either gets an answer or
> fails. This can be a very time consuming operation, taking 10-15
> seconds which is far too long for something like squid. Consequently
> squid doesn't call gethostbyname() and doesn't even call res_search().
> It goes straight to res_query() which (in theory) will be very much
> quicker. If you have squid configured to not add the local domain to
> unqualified names, you'll find that squid cannot find "web2". It will
> find "web2.hairball.com" because your DNS knows about it. To squid,
> "web2" is not "web2.hairball.com.", it's "web2" in the root domain,
> ie "web2.".
>
> So getting back to your problem. If you want squid to turn
> qa-one.foobar.com into web2.hairball.com you'll need to have your DNS
> configured as follows:
>
> named.conf
>
> 	zone "hairball.com" {
> 		file "db.hairball";
> 		type master;
> 	};
>
> 	zone "foobar.com" {
> 		file "db.foobar";
> 		type master;
> 	};
>
> db.hairball:
>
> 	web2		IN A	10.9.8.7
>
> db.foobar:
>
> 	; trailing dot: absolute owner name, the zone origin is not appended
> 	qa-one.foobar.com.	IN CNAME web2.hairball.com.
>
> That is it. There is no other way. Repeat after me, there is no other
> way. Where this will get you into trouble, though, is if you want
> "foobar.com" to refer to a real domain. Then what I have told you to do
> is going to make the real domain effectively inaccessible. In this case
> you probably want to use a redirector that will selectively rewrite
> URLs. Then you could have your redirector get a URL like
>
> 	http://qa-one.foobar.com/index.html
>
> and rewrite it to be
>
> 	http://web2.hairball.com/index.html
>
> which achieves the same result. The nice thing about doing it this way
> is that you can have your redirector "consult outside influences" and
> alter its behaviour according to those influences. For example, you
> could have the redirector check the status of your link. If it's up,
> go to the real site (ie don't rewrite the URL) but if it's down, go
> somewhere else (eg web2.hairball.com).
>
> Are we getting closer? :-)
>
> On Tue, 18 Sep 2001, Pablo Sanchez wrote:
>
> > Before I continue down that path a bit more... shouldn't it be
> > possible to have SQUID talk to named much like 'ping?' In my simple
> > pea-like brain, I'm thinking if SQUID didn't make it mandatory to
> > have FQDN's, I'd be set.
>
> Colin
>
>
Received on Tue Sep 18 2001 - 22:01:18 MDT
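
The owner-name rule discussed in the quoted reply, as an added example that is not part of the original message: a small reader for master-file lines that appends the zone origin to every name lacking a trailing dot. The zone snippets are constructed from the names used in the thread; `qa-two` is a made-up extra record.

```python
def qualify(name, origin):
    """Master-file rule: '@' is the origin, a trailing dot means absolute,
    anything else is relative and gets the origin appended."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin


def records(zone_text, zone_name):
    """Return (owner_fqdn, type, rdata) for each record in a small zone file."""
    origin = qualify(zone_name, ".")
    owner, out = origin, []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()        # drop comments
        if not line.strip():
            continue
        fields = line.split()
        if fields[0].upper() == "$ORIGIN":           # changes the suffix from here on
            origin = qualify(fields[1], origin)
            continue
        if not line[0].isspace():                    # owner given in column 1
            owner = qualify(fields.pop(0), origin)   # else: reuse previous owner
        while fields[0].upper() == "IN" or fields[0].isdigit():
            fields.pop(0)                            # skip class and numeric TTL
        rtype, rdata = fields[0].upper(), fields[1]
        if rtype in ("CNAME", "NS", "PTR"):          # rdata that is itself a name
            rdata = qualify(rdata, origin)
        out.append((owner, rtype, rdata))
    return out


# Constructed sample: the CNAME placed in the hairball.com zone file.
DB_HAIRBALL = "web2\tIN A\t10.9.8.7\nqa-one.foobar.com\tIN CNAME web2.hairball.com.\n"
# Constructed sample: the same alias defined inside a foobar.com zone.
DB_FOOBAR = "qa-one.foobar.com.\tIN CNAME web2.hairball.com.\nqa-two\t300 IN CNAME web2.hairball.com.\n"

if __name__ == "__main__":
    for zone, text in (("hairball.com", DB_HAIRBALL), ("foobar.com", DB_FOOBAR)):
        for owner, rtype, rdata in records(text, zone):
            print(f"{zone:14} {owner:34} {rtype:6} {rdata}")
```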

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:16 MST
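
The selective redirector suggested in the quoted reply, as an added example that is not part of the original thread or of Squid itself. It assumes the classic one-line redirector interface (Squid writes `URL client_ip/fqdn ident method` per request and reads back a replacement URL, or a blank line for "no change"); `link_is_up` is a hypothetical stand-in for the "outside influence" check.

```python
#!/usr/bin/env python3
import sys
from urllib.parse import urlsplit, urlunsplit

# Constructed mapping using the host names from the thread.
HOST_MAP = {"qa-one.foobar.com": "web2.hairball.com"}


def link_is_up():
    """Hypothetical hook: report whether the real site is reachable.
    Hard-wired to False here so the mapped hosts are always rewritten."""
    return False


def rewrite(url, host_map=HOST_MAP, link_up=link_is_up):
    """Return the replacement URL, or '' to leave the request untouched."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")    # hostname is already lower-cased
    target = host_map.get(host)
    if parts.scheme != "http" or target is None:
        return ""                                # only plain-HTTP, listed hosts
    if link_up():
        return ""                                # real site reachable: no rewrite
    try:
        port = parts.port
    except ValueError:                           # malformed port: pass through
        return ""
    netloc = target if port is None else f"{target}:{port}"
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, ""))


def handle_line(line, **kwargs):
    """Only the first whitespace-separated field (the URL) is needed."""
    fields = line.split()
    return rewrite(fields[0], **kwargs) if fields else ""


def main():
    for line in sys.stdin:
        sys.stdout.write(handle_line(line) + "\n")
        sys.stdout.flush()    # Squid blocks on each answer, so never buffer


if __name__ == "__main__":
    main()
```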