[squid-users] confused over ipv6 failing on ipv4-only network
Amos Jeffries
squid3 at treenet.co.nz
Wed Jan 6 11:32:28 UTC 2016
On 6/01/2016 7:29 p.m., Jason Haar wrote:
> On 06/01/16 17:39, Amos Jeffries wrote:
>> On 6/01/2016 5:04 p.m., Jason Haar wrote:
>>> Hi there
>>>
>>> Weird - several times in the past couple of months I have found I cannot
>>> get to http://wiki.squid-cache.org/ - I get the error below from my
>>> squid-3.5.11 server which does not have a Global ipv6 address (it has a
>>> Local ipv6/fe80: on the Ethernet card - but nothing else). Google.com
>>> (which is fully ipv6 capable) works fine - so far only
>>> wiki.squid-cache.org has shown up this way to me (ie I don't see this
>>> error message.
>>>
>>> On the squid server, "dig a" shows valid ipv4 addresses and "dig aaaa"
>>> shows the ipv6 address - but why is squid even trying to connect over
>>> ipv6 If doesn't have an ipv6 address?
>>>
>>> Could this be a case of the "A" record failing to return fast enough,
>>> forcing squid to only try ipv6 - which then leads to the error message
>>> referring to the ipv6 address?
>> Squid waits for both A and AAAA before continuing after DNS lookup. The
>> only way to get only IPv6 results is for your DNS server to produce no A
>> results at all. Timeout _could_ do that, but the default is 30 sec so
>> unlikely.
>
> I think that must be the case, because when I saw the problem this
> morning, I immediately ssh'ed into the squid server and nslookup showed
> it was resolving the name to it's A record just fine (by then) - and
> telnet-ing to the IPv4 address was fine too. So it must have either
> timed out on the A lookups (but not the AAAA records), or the DNS server
> didn't return A records at all? I don't think there's a way to query
> squid to see what it's current DNS cache is? That would definitively
> answer that question
The cache manager "ipcache" report contains a listing of the DNS cache:
squidclient mgr:ipcache
>
>
>> The Squid wiki is dual-stacked with IPv4 addresses. Sice you have
>> v4-only network the thing to do is find out why the IPv4 are not
>> working for your Squid.
>
> Well yeah - but I frankly don't see this on any other website (like
> google.com) - just wiki.squid-cache.org - so I think there's something
> going on between those DNS servers and my squid server sitting on a
> SPARK NZ network
Hmm. Wiki is in Italy IIRC so almost worst case RTT for us. Though I've
not seen such issues from my Orcon POP.
Amos
More information about the squid-users
mailing list