[squid-users] How to disable dns resolving only for domains "behind" cache-peer???

From: Plas, Dirk van der <dirk.vanderplas@dont-contact.us>
Date: Thu, 21 Dec 2006 10:43:25 +0100

Hello Squid experts,

I have the following setup:

A Squid 2.5.11 caching proxy-server used for accessing internal
(intranet) and internet websites. Squid is able to resolve all external
FQDN's. The internal websites are reached via a cache-peer relationship
with another proxy-server (not under my control). Internal websites are
not dns-resolvable, due to security-policy. (Unfortunately this is
something I have to deal with, I can't change this security policy)

During normal operation everything works fine; both external and
internal websites are reachable. But when our internet connection goes
down we notice that internal websites take a very, very, very long time
to load.

I did some investigation while internet connection was down and saw that
squid is trying to perform dns-resolving for domains behind cache-peer.
Somehow squid seems to wait for DNS queries to timeout before it sends
it requests to cache-peer.

My questions:
-is there a setting in squid which disables dns-resolving for domains
behind a cache-peer? In my opinion there is no need for squid to try to
resolve domains behind a cache-peer, because squid never establishes a
direct connection to this domains.
-do you have another solution/workaround for this problem?

Cheers!
Dirk
Received on Thu Dec 21 2006 - 02:43:35 MST

This archive was generated by hypermail pre-2.1.9 : Mon Jan 01 2007 - 12:00:01 MST