The answer is to disable IPV6 on squid and on the linux machine and
software.
but we do not know that this is the case..
do you have a local DNS server on the machine for caching and forwarding?
you can setup on the squid to use the local dns server and on the dns
server setup specific forwarding zone for this domain NS
this will result a much more efficient way to get it done and to make
your system more reliable by any case.
Regards
Eliezer
On 03/06/2011 19:24, William Bakken wrote:
> Amos, is there a way to tell Squid to stop asking for AAAA records/IPv6?
> We are having problems with other sites not working in the same way.
>
> On Thu, Jun 2, 2011 at 2:53 AM, Amos Jeffries<squid3_at_treenet.co.nz> wrote:
>> On 02/06/11 10:07, William Bakken wrote:
>>> The second log line on the last email shows that we are logging the
>>> IP, in that case, google.
>>>
>>> Our resolv.conf points to several DNS servers for our ISP, which all
>>> seem to always have an immediate answer when we do an nslookup
>>> manually.
>>>
>>> Is squid caching negative dns queries? Is there a way to flush these?
>>>
>>> Here is the text I am referring to as the last email.
>>>
>>> Upgraded squid to 3.1.12
>>>
>>> DNS is working from that machine, we are able to resolve both
>>> www.carfax.com and carfax.com, and have even restarted squid after
>>> looking those up.
>>>
>>> From the squid log:
>>> TCP_MISS/503 4367 GET http://www.carfax.com/ - DIRECT/www.carfax.com
>>> text/html
>>> (which takes forever)
>>>
>>> differs from something like google:
>>> TCP_MISS/200 15049 GET http://www.google.com/ - DIRECT/74.125.93.147
>>> text/html
>> Nevermind. The default log in the version still outputs FQDN if known. It is
>> fixed to show correct IP in the next series.
>>
>>> Any advice? Our ISP did switch DNS servers recently (we switched at
>>> the same time as the squid update) but we aren't seeing this behavior
>>> with other sites.
>>>
>> I looked a bit further and found that the NS hanging occurs reliably when it
>> is asked for AAAA records. Such as what Squid-3.1 asks for.
>>
>> It is pretty clear that the site DNS is screwed bigtime.
>>
>> Amos
>> --
>> Please be using
>> Current Stable Squid 2.7.STABLE9 or 3.1.12
>> Beta testers wanted for 3.2.0.8 and 3.1.12.2
>>
Received on Sat Jun 04 2011 - 04:37:14 MDT
This archive was generated by hypermail 2.2.0 : Sat Jun 04 2011 - 12:00:01 MDT