Re: [squid-users] superfluous DNS queries

From: Muthukumar <kmuthu_gct@dont-contact.us>
Date: Fri, 11 Jun 2004 17:21:15 +0530

> I set up SQUID to forward all HTTP traffic through a parent proxy
> (bound to internet) except when URL matches certain suffix domains (intranet).
> Upon receiving internet URL like www.thepurists.com, SQUID however
> queries DNS servers for www.squid-cache.org, www.squid-cache.org.sub.my.org, ...

What is your dns_testnames setting in Squid?
Did you test the samples at Squid startup or after some requests?

> Indeed, I don't know anyone who types in a browser:
> http://www.squid-cache.org. instead of http://www.squid-cache.org
> So I believe it would be nice if SQUID processed URLs having at least one dot
> as if they were fully qualified.
>
> # cat squid.conf (excerpt)
> acl DIRECT dstdomain "/usr/local/squid/etc/acl/direct.dstdom"
> # cat /usr/local/squid/etc/acl/direct.dstdom
> my.org
> intranet.my

The problem may be here. For a dstdomain acl, you have to include a (.) "dot" before the domains, like this:

# cat /usr/local/squid/etc/acl/direct.dstdom
.my.org
.intranet.my

> cache_peer outproxy.my.org parent 8080 0 no-query proxy-only
> always_direct allow DIRECT
> never_direct allow all
> dns_nameservers 10.1.1.1 10.5.1.1
> visible_hostname intraproxy.sub.my.org

>
> # tcpdump -vs0 dst port 53
> local.29297 > 10.1.1.1.domain: [udp sum ok] 62439+ A? www.squid-cache.org. [|domain] (DF) (ttl 255, id 43955, len 64)
> 10.1.1.1.domain > local.29297: [udp sum ok] 62439 NXDomain* 0/1/0 (99) (ttl 29, id 8065, len 127)
>
> local.29298 > 10.1.1.1.domain: [udp sum ok] 62440+ A? www.squid-cache.org.sub.my.org. [|domain] (DF) (ttl 255, id 43956, len 76)
> 10.0.1.1.domain > local.29298: [udp sum ok] 62440 NXDomain* 0/1/0 (108) (ttl 29, id 8070, len 136)

Requests are suffixed with the first proxy's domain in the visible hostname, .sub.my.org.

>
> local.29299 > 10.0.1.1.domain: [udp sum ok] 62441+ A? wwww.squid-cache.org.my.org. [|domain] (DF) (ttl 255, id 43957, len 71)
> 10.0.1.1.domain > local.29299: [udp sum ok] 62441 NXDomain* 0/1/0 (103) (ttl 29, id 8074, len 131)

Now the requests are suffixed with the outer proxy's domains in the visible hostname.

Check the proxy with the modified acl settings and dns_testnames.

Regards,
Muthukumar.

Received on Fri Jun 11 2004 - 15:46:59 MDT
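
The following is an added example, not part of the original message or of Squid's source: a simplified Python model of how a dstdomain entry with and without a leading dot matches hostnames, applied to the always_direct / never_direct rules in the quoted config. The function names and the sample host list are constructed for illustration.

```python
# Simplified model of Squid dstdomain matching (illustration only, not Squid code).
# Entry ".my.org" matches my.org and every host beneath it;
# entry "my.org" matches only the exact host my.org.

def dstdomain_match(host: str, entry: str) -> bool:
    host, entry = host.lower(), entry.lower()
    if entry.startswith("."):
        # Exact domain, or any name ending in ".my.org" (label boundary enforced by the dot)
        return host == entry[1:] or host.endswith(entry)
    return host == entry


def route(host: str, acl_entries: list) -> str:
    """Model of: always_direct allow DIRECT / never_direct allow all."""
    if any(dstdomain_match(host, e) for e in acl_entries):
        return "direct"
    return "parent"  # forwarded to the cache_peer parent


# The ACL file as quoted in the question, and as suggested in the reply.
WITHOUT_DOT = ["my.org", "intranet.my"]
WITH_DOT = [".my.org", ".intranet.my"]

# Constructed sample hosts.
HOSTS = [
    "my.org",
    "intraproxy.sub.my.org",
    "wiki.intranet.my",
    "notmy.org",
    "www.thepurists.com",
]


def compare(hosts):
    """Return {host: (route without dot, route with dot)}."""
    return {h: (route(h, WITHOUT_DOT), route(h, WITH_DOT)) for h in hosts}


if __name__ == "__main__":
    for host, (before, after) in compare(HOSTS).items():
        print(f"{host:26} no-dot={before:7} dot={after}")
```

With the entries written without the dot, intranet hosts such as intraproxy.sub.my.org do not match the DIRECT acl and fall through to never_direct, so they are sent to the parent.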
