On Tue, 31 May 2011 14:57:20 -0500, William Bakken wrote:
> Upgraded squid to 3.1.12
>
> DNS is working from that machine, we are able to resolve both
> www.carfax.com and carfax.com, and have even restarted squid after
> looking those up.
>
> From the squid log:
> TCP_MISS/503 4367 GET http://www.carfax.com/ - DIRECT/www.carfax.com
> text/html
> (which takes forever)
Some, but not all, of their DNS resolvers are not responding. You will
get varied responses depending on which NS your network are closest to,
whether resolution is done over UDP or TCP (from your recursive resolver
to theirs, Squid is not involved), and how long the timeout is waiting.
From your log its not certain whether Squid is resolving or not
(DIRECT/www.carfax.com). You may need to disable log_fqdn to see which
server IP it is going to.
On the delay problem... we have dropped the default/recommended
dns_timeout to 30 seconds in 3.2. Down from 2 minutes. You can do this
manually in 3.1 for a bit better response times.
Amos
Received on Tue May 31 2011 - 23:51:19 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 01 2011 - 12:00:04 MDT