I use SQUID 2.2
In my original squid.conf, there is the following comment:
# For dstdomain and dstdom_regex a reverse lookup is tried if a IP
# # based URL is used. The name "none" is used if the reverse lookup
# # fails.
#
This is the reason.
However, on my squid behind a firewall this problem does not happen.
I tried
never_direct deny test.abc.de
never_direct allow all
always_direct allow test.abc.de
always_direct allow all
I tried Squid 2.2stable5
Yours,
Martin Stolle
-----Ursprüngliche Nachricht-----
Von: Magnus Ullberg [mailto:UllbergM@abcbank.com]
Gesendet: Freitag, 15. Dezember 2000 15:24
An: 'Stolle, Martin'
Cc: 'squid-users@ircache.net'
Betreff: RE: [SQU] Squid behind firewall - DNS Problem
Yes..
I forgot to include my configuration in my last email.. this is what I
have.. I believe that the dstdomain acl may be the problem.. to me it looks
like maybe its trying to resolve the ipaddresses to hostnames to see if they
are in the .abc.net domain..
acl intranet dstdomain .abc.net
never_direct deny intranet
never_direct allow all
always_direct allow intranet
always_direct deny all
The internal proxy has the ICP port for both parent caches set.
Magnus Ullberg
Network Coordinator
Area Bancshares Corporation
Networking Department
230 Frederica St.
Owensboro, KY 42301
-----Original Message-----
From: Stolle, Martin [mailto:MStolle@KIV.DE]
Sent: Friday, December 15, 2000 7:58 AM
To: 'Magnus Ullberg'
Cc: 'squid-users@ircache.net'
Subject: AW: [SQU] Squid behind firewall - DNS Problem
Did you use the statement "never direct allow all" in your squid.conf ?
This will prevent the client cache to ask directly the internet.
Another Possibility: Did you allow UDP Port 3130 (for ICP requests) through
your firewall and configured your client to use it
e.g.
cache peer 195.27.54.3 parent 3128 3130
for with internet-proxy on IP-Adress 195.27.54.3, proxy-port 3128 and
ICP-Port 3130
Otherwise, your client will time out.
Greetings,
Martin Stolle
-----Ursprüngliche Nachricht-----
Von: Magnus Ullberg [mailto:UllbergM@abcbank.com]
Gesendet: Freitag, 15. Dezember 2000 15:00
An: squid-users@ircache.net
Betreff: [SQU] Squid behind firewall - DNS Problem
I've got a problem. This is my setup:
Proxy1 Proxy2
| |
\_____________/
|
IntProxy
Proxy 1 & 2 is on the internet while IntProxy is only on the internal
network. Everything works fine except when you try to access a website using
their IP address.
It hangs for a couple of minutes before showing the page. I think I've
narrowed it down to what is happening. It looks like it does a reverse dns
lookup on the ip address and it has to wait for that to time out.
Any suggestions for me?
Thanks,
Magnus Ullberg
Network Coordinator
Area Bancshares Corporation
Networking Department
230 Frederica St.
Owensboro, KY 42301
-- To unsubscribe, see http://www.squid-cache.org/mailing-lists.html -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.html -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Fri Dec 15 2000 - 08:21:46 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:56:59 MST