[squid-users] Bad Connection & Round Robin DNS
garryd at comnet.uz
Tue Nov 22 17:00:29 UTC 2016
On 2016-11-22 21:07, Jiann-Ming Su wrote:
> Is there a way to set the timeout on a bad connection?
Yes, you can use 'connect_timeout'  directive.
> When watching
> tcpdump on the two IPs, I did not see my squid instance try the other
> IP automatically. I had to refresh my web browser connection multiple
> times. This also indicates some DNS caching persistence. Are there
> other DNS settings that can improve this behavior?
I believe Squid is configured for interception in your environment. In
this case DNS resolution is performed on a client side and Squid uses
resolved by the client destination IP address to connect to origin. In
interception mode, Squid performs DNS resolution just to prevent Host
forgery attack .
If you configure the clients explicitly, Squid will mark bad IP
addresses and will avoid their use. It this case, you can use
'squidclient mgr:ipcache'  to monitor resolved by Squid IP addresses
and their status.
More information about the squid-users