[squid-users] Squid Cache Problem
Matus UHLAR - fantomas
uhlar at fantomas.sk
Thu Jul 25 06:55:06 UTC 2019
On 25.07.19 00:41, Devilindisguise wrote:
>We have what is probably an easy one. Some Windows servers use a locally
>installed Squid proxy instance for all outbound traffic. These servers also
>make use of some F5 GTM (DNS) servers to provide a resilient inter-DC DNS
>topology.
>
>Essentially what should happen is under steady state conditions any DNS
>request should be given IP address a.a.a.a, then under failure be given
>b.b.b.b. The GTM DNS TTL is 30 seconds.
>
>What we’re finding is that even after 5 mins of failure any HTTP request
>from IE (configured with the Squid proxy) still targets a.a.a.a and traffic
>is dropped. During this period if we remove the Squid proxy from the IE
>settings, it works as now we target b.b.b.b.
>
>So clearly some sort of caching, possibly DNS, is being done on the Squid.
One of main points of DNS design is to be cacheable.
That is why DNS is not suited for load balancing and failover switching.
however, you should be able to look at content of DNS cache in squid using
cachemgr.cgi to see what's wrong there.
also, you can sniff the DNS traffic to see if only proper responses are
going to squid.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
REALITY.SYS corrupted. Press any key to reboot Universe.
More information about the squid-users
mailing list