Re: [squid-users] Squid, Symantec LiveUpdate, and HTTP 1.1 versus HTTP 1.0

From: Wong <wongbali_at_telkom.net>
Date: Sat, 28 Mar 2009 11:27:24 +0800

> Wong wrote:
>>>> I found that Symantec LU has round robin DNS. And they can change DNS A
>>>> record at anytime.
>>>>
>>>> Isn't it better if Squid can bypass the domain name in squid.conf?
>>>> Is it possible?
>>>
>>> Squid does many DNS things and has many controls for changing how it
>>> does them.
>>>
>>> Correct use of DNS in stateless HTTP should not be causing any issue at
>>> all.
>>>
>>> Is the RR-DNS causing you problems? if so what?
>>>
>>
>> Amos,
>>
>> I think Symantec LU issue is not related to HTTP/1.1 as Squid support
>> such version (need sometime to investigate).
>>
>> But if the request redirected to Squid, Symatec LU always failed. The
>> fastest way is excluding LU request to Squid.
>>
>> May be it is OT discussion about how-to put FQDN in IPTABLES script. We
>> need Squid to cache and monitor HTTP usage but Symantec LU is also need
>> to run.
>>
>> Thx & Rgds,
>>
>> Wong
>>
>
> Ah okay I think I understand you now.

Thanks Amos.

> No it's not possible to bypass squid with squid.conf settings. The problem
> is that by the time the request gets to Squid its far too late to not send
> it to squid.

So, it means there is no chance to "pass-through the dst domain" of HTTP
Request in Squid itself, am I right?

If yes, the only way is exclude redirection at routing session (before
Squid). But it seems IPTABLES unable use FQDN to exclude Symantec LU.

Thx & Rgds,

Wong
Received on Sat Mar 28 2009 - 03:29:20 MDT

This archive was generated by hypermail 2.2.0 : Sun Mar 29 2009 - 12:00:02 MDT