[squid-users] Need to disable IPv6 / AAAA lookup in squid
Amos Jeffries
squid3 at treenet.co.nz
Mon Dec 8 09:00:25 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 8/12/2014 9:28 p.m., kamal kannan wrote:
> Hi,
>
> I'm currently running squid 3.4.
>
> Somtime facing below error/
>
> ""Connection to 2620:0:861:ed1a::1 failed."
>
> "The system returned: (101) Network is unreachable""
>
>
> Tried tcp_outgoing_address and dns_v4_first on.
>
> But nothing fixes this issue.
>
> Is there an option to disable AAAA lookup from squid.
>
No. IPv6 support has been mandatory in all networking software since
2012. (RFC 6540, also known as BCP 177).
The option available to make Squid prefer IPv4 over IPv6 is
"dns_v4_first on" which you found. With that Squid is already trying
all available IPv4 connections to the destination domain before its
tries any IPv6 ones. The reported "failed" IP was simply the last to
be tried out of the full set.
Possibly Squid was instructed to connect to exactly that IPv6 address
and no DNS is taking place at all.
Either way the entire domain/network is unreachable with the
information in the URL given.
If you get IPv6 working you may be able to access those URLs. That can
be as simple as installing miredo software, or setting up a 6to4
tunnel to 192.88.99.1, or both on the Squid machine.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUhWipAAoJELJo5wb/XPRjLyoH/jQ78etEn01kzq5DTZczmqnv
C0FgQfHv5re+csKeIQDESBHrB51HhqrG2xLXEp04//hfxDOUptwCH1b+gq1WGsL3
WuYegalOljjeQMFomfups+2nGgls99VbRLWboybunKJ420kIJ6lDF6BePk0PPmHR
Pm9SFvc3atF3K2DRQlv33zqFQJYsH8i7cXJ9Qa6wOtSCr7epCzC03RjN65/JRIHF
UHcB96e1NMD1FTRlljIyYTNXWa5dudECadzGqPbROraAkAXnQ4LGhDQSFM5j0gJt
pAKYW8HsOMkxBLRtiZTULBgyff++4DESOrg5wgTEI5zr7TbjeakQ2SnCp6RUckY=
=RRxZ
-----END PGP SIGNATURE-----
More information about the squid-users
mailing list