Re: [squid-users] DNS problem?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 03 Oct 2001 11:50:18 +0200

mjg@RxAmerica.com wrote:

> I have asked the firewall guys if there is a rule for allowing access
> from the squid server to/from the web server and they say yes.

Then I'd suggest you verify that what they claim is true..

From the Squid proxy machine, try to access your web server using any
HTTP client. I'd recommend Lynx, but the Squid client program can also
be used by specifying your web server as the host to connect to or even
plain old telnet.

   telnet your.company.webserver 80
   GET / HTTP/1.0
   [blank line]

> so thought I might try using the always_direct acl. -- am I on the
> right track or should I disable the internal dns for squid?

always_direct is useful if you have parent proxies configured by
cache_peer. From what I can see I don't think using always_direct will
help you. However, it might help you in a future scenario where you
connect to other parent proxies such as a proxy at your ISP.

> using the nameservers 12.127.17.71, 12.127.16.67 which
> are for our web site -- if do nslookup from squid machine can find
> www.rxamerica.com ip address.
>
> there is a dns server setup in the intranet for the domain but it
> doesn't have the web servers in it(problem?).

The DNS squid is using must naturally know about the servers you want to
connect to, or else it won't be able to find those servers by name.

If making the information available in the DNS used by Squid is not an
option, then add it to /etc/hosts and rebuild squid with
--disable-internal-dns.

Regards
Henrik Nordström
Squid Hacker
Received on Wed Oct 03 2001 - 04:14:29 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:35 MST