[squid-users] Unable to determine IP address from hostname ?
Amos Jeffries
squid3 at treenet.co.nz
Mon Feb 9 23:06:22 UTC 2015
On 10/02/2015 10:22 a.m., Mirza Dedic wrote:
> I have users getting quite frequently this error in Squid..
>
> Unable to determine IP address from hostname.
> "The DNS server returned no DNS records"
Means exactly what it says.
>
> I have in my squid.conf setup..
>
> dns_nameservers 8.8.8.8 8.8.4.4
> dns_timeout 5 second
>
> It seems random, but 5 seconds should be enough and we're resolving against
> Google public DNS servers.
>
> The sites it is unable to resolve are up (expedia.com, and other sites that
> usually don't go down).
>
> Is there anything else I can do?
Expedia is hosted on Akamai. Akamai load balance their CDN by doing DNS
response tricks. I'm seen a few different types of failure resulting
from that.
- in Expedias case the DNS TTL is 12 seconds and there are two layers
of CNAME to resolve before one gets to an IP. Those CNAMEs themselves
only have TTL of a few minutes.
The Akamai behaviour that could result in that no-IPs error is when only
CNAME results are returned. Squid relies on the resolver to do the
recursion. Sometimes all Squid gets is a bunch of nested CNAME with no
IP to connect to. This is particularly bad with IPv6 lookups when the
Akamai client is not v6-enabled (expedia is one such).
Your Squid version can also impact results. 3.1 originally did two
sequential lookups, for AAAA and A records. That was changed to parallel
in 3.3, but still the longer of the two must fit within the timeout.
Amos
More information about the squid-users
mailing list