[squid-users] dns failover failing with 3.4.7
Mike
mcsnv96 at afo.net
Thu Jul 30 15:48:42 UTC 2015
On 7/27/2015 17:25 PM, Amos Jeffries wrote:
> On 28/07/2015 8:38 a.m., Mike wrote:
>> Running into an issue, using the squid.conf entry
>> dns_nameservers 72.x.x.x 72.x.y.y
>>
>> These are different servers (under our control) for the purpose of
>> filtering than listed in resolv.conf (which are out of our control, used
>> for server IP routing by upstream host).
>>
>> The problem we found like this weekend is if the primary listed dns
>> server is unavailable, squid fails to use the secondary listed server.
>> Instead it displays the "unable to connect" type messages with all
>> websites.
> Details please. How do you know the secondary is not even being tried?
>
> What is Squid getting back from the primary when its "down" ?
> or just dns_timeout being hit?
>
> Add this to squid.conf to get a cache.log trace of the DNS activity:
> debug_options 78,6
>
>
> Amos
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
Amos,
If it was using the secondary server listed, connections to almost all
websites would not be failing to load if primary was down. For the test
we temporarily took the primary DNS server offline (per the example
above 72.x.x.x), and no websites would load unless it was in the squid
cache, but any elements that required additional data failed to load
causing formatting issues with the displayed website. If we swap the
setting to the "secondary" with the first IP (per the example above) as
dns_nameservers 72.x.y.y 72.x.x.x
and it works the same way, take the ".y.y" down and it refuses to use
the secondary listed IP ".x.x" for DNS, instead displays the website
could not be displayed error in the browsers. We even tried another test
(per the example above) dns_nameservers 72.x.x.x 8.8.8.8 then let it run
for an hour or so. Then we took down the primary which means it should
use the secondary google IP of 8.8.8.8, but it doesn't, goes right back
to the "website could not be displayed" error in the browsers.
I was wonder if this might be a bug. This is happening on multiple
servers, one has squid 3.4.7, another has 3.4.6 and problem occurs on both.
Thanks
Mike
More information about the squid-users
mailing list