[squid-users] Bizarrely slow, timing out DNS only via Squid :D
Dan Charlesworth
dan at getbusi.com
Thu Mar 3 22:42:11 UTC 2016
Thanks for your input Eliezer.
I've tested against various public DNS servers at this point so I'm ruling
out any DNS-server-side problems. The only time there's any timeouts or
slowness is when the request is going through squid. Doesn't seem to matter
which HTTP server I'm requesting, whether it returns multiple IPs or not.
Also worth noting that this company has about 30 other sites with mostly
identical network topologies and equipment where it's completely fine.
On 3 March 2016 at 18:44, Eliezer Croitoru <eliezer at ngtech.co.il> wrote:
> Well what I can see is that there are couple queries ID and the issues are:
> 0x8528: timeout
> 0x69c2 - timeout
>
> but I am pretty sure that the DNS server that the query is against is:
> 192.231.203.132:53
>
> So the first thing is to findout what dns servers are defined inside
> squid.conf
> if you don't have any then look at /etc/resolv.conf
>
> You should have there a list of server that you should run the dig -x
> command against and see how every one of them responses.
> From squid point of view the issues are probably:
> - network routing or firewall level issues(another middle machine or local
> settings)
> - buggy or faulty or wrongly-configured dns server
>
> The main reason that squid does the PTR lookup and other queries is since
> these are required.
>
> If you want to start from the bottom and up you can try another thing:
> use the dns_nameserver squid.conf option [
> http://www.squid-cache.org/Doc/config/dns_nameservers/ ] with the local
> dns that worked fast for dig and nslookup(192.231.203.3) and only this use.
> It should be:
> dns_nameservers 192.231.203.3
>
> You can run couple trials against public dns services like opendns\google
> or any other that is mentioned at:
> http://pcsupport.about.com/od/tipstricks/a/free-public-dns-servers.htm
>
> Also try to contact a http service with an ip such as ngtech.co.il|
> 84.95.212.160 (which will be a good test against a server that has only
> ipv4 address).
>
> If after all the above something is weird I would suggest you for a second
> to run the squid with default squid.conf(if you are using debian then you
> will need to remove couple "#" for the localnet acls).
>
> You should know that there are cases which couple dns services just stops
> responding to dns queries which looks like what you see if it worked before.
>
> Eliezer
>
> On 03/03/2016 09:08, Dan Charlesworth wrote:
>
>> On 03/03/2016 07:39, Dan Charlesworth wrote:
>>>>>
>>>> >>>>Right now we have 1 squid box (out of a lot), running 3.5.13, which
>>> does something like this for every request, taking about 10 seconds:
>>> >>>>
>>> >>>>2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1794)
>>> idnsPTRLookup: idnsPTRLookup: buf is 43 bytes for 10.100.128.1, id = 0x733a
>>> >>>>2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1745)
>>> idnsALookup: idnsALookup: buf is 29 bytes for httpbin.org, id = 0x8528
>>> >>>>2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1683)
>>> idnsSendSlaveAAAAQuery: buf is 29 bytes for httpbin.org, id = 0x69c2
>>> >>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1277) idnsRead:
>>> idnsRead: starting with FD 7
>>> >>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1323) idnsRead:
>>> idnsRead: FD 7: received 93 bytes from 192.231.203.132:53
>>> >>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1130)
>>> idnsGrokReply: idnsGrokReply: QID 0x733a, -3 answers
>>> >>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1195)
>>> idnsGrokReply: idnsGrokReply: error Name Error: The domain name does not
>>> exist. (3)
>>> >>>>2016/03/03 16:30:53.884 kid1| 78,3| dns_internal.cc(1384)
>>> idnsCheckQueue: idnsCheckQueue: ID dns8 QID 0x8528: timeout
>>> >>>>2016/03/03 16:30:53.884 kid1| 78,3| dns_internal.cc(1384)
>>> idnsCheckQueue: idnsCheckQueue: ID dns0 QID 0x69c2: timeout
>>> >>>>2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1277) idnsRead:
>>> idnsRead: starting with FD 7
>>> >>>>2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1323) idnsRead:
>>> idnsRead: FD 7: received 110 bytes from 172.16.100.4:53
>>> >>>>2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1130)
>>> idnsGrokReply: idnsGrokReply: QID 0x69c2, 0 answers
>>> >>>>2016/03/03 16:30:58.885 kid1| 78,3| dns_internal.cc(1384)
>>> idnsCheckQueue: idnsCheckQueue: ID dns8 QID 0x8528: timeout
>>> >>>>2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1277) idnsRead:
>>> idnsRead: starting with FD 7
>>> >>>>2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1323) idnsRead:
>>> idnsRead: FD 7: received 246 bytes from 172.16.100.5:53
>>> >>>>2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1130)
>>> idnsGrokReply: idnsGrokReply: QID 0x8528, 1 answers
>>> >>>>
>>>
>>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160304/9516bd33/attachment-0001.html>
More information about the squid-users
mailing list