[squid-dev] [PATCH] Retry cache peer DNS failures more frequently

Amos Jeffries squid3 at treenet.co.nz
Tue May 10 07:50:32 UTC 2016

On 10/05/2016 2:41 p.m., Nathan Hoad wrote:
> Hello,
> Attached is a patch which makes Squid attempt to resolve failed DNS lookups
> for cache peers more frequently than an hour. It's user configurable, with
> a default of one minute.

IMO the proper fix for this behaviour is to deliver the actual DNS TTL
values via DnsLookupDetails. The ipcache should be able to supply that.
Then each peer gets its own re-lookup event scheduled for happening only
when the DNS records for that peer are expected to need it.

In the event that an actual lookup failure happens, then the
negative_dns_ttl limit should be used instead of the hard-coded hour.
That is 60 seconds and may be much lower if the admin wants fast recovery.

> As the patch preamble states, this is necessary for setups where all
> traffic is forwarded to a cache peer, as a failed DNS lookup will result in
> users being unable to access the web until it is resolved successfully.
> I'm not convinced the configuration option (cache_peer_negative_dns_ttl) is
> the best name, so I'm happy to take suggestions here.

Options specific for controlling cache_peer activity should be on the
cache_peer directive, with global directives like negative_dns_ttl used
for setting the default value in their absence from squid.conf.
