[squid-users] squid5 Happy Eyeballs - Is it possible to enable IPV4 only or IPV6 only ?

Alex Rousskov rousskov at measurement-factory.com
Tue May 3 13:04:32 UTC 2022 

On 5/3/22 02:35, Francesco Chemolli wrote:
> Could tcp_outgoing_address do the deed, forcing a certain source ip or 
> ipv4-only interface for some or all requests?

No, not without Squid modifications[1]: Today, tcp_outgoing_address is 
consulted _after_ the address family is already decided for the current 
connection attempt (by the peer selection algorithms selecting a 
specific destination address). We can change that, of course, but 
probably not without some backward compatibility headaches.

[1] Unless, perhaps, one abuses tcp_outgoing_address to select an 
immediately failing source IP address (e.g., the one Squid cannot bind 
to?) as a way to force another attempt (hopefully using another address 
family). I do not know whether this hack would work, and suspect it 
would depend on which socket operation fails when using the special 
"force failure" source IP address.


HTH,

Alex.


> On Mon, 2 May 2022 at 16:39, Alex Rousskov wrote:
> 
>     On 5/1/22 23:49, Ahmad Alzaeem wrote:
> 
>      > sometime the IPV4
>      > instance receive DNS resolution of the destination as IPV6 and the
>      > connection fails !!
>      >
>      > sometimes the IPV4 instance receive the DNS resolution of the
>      > destination as IPV6 and the connection fail .
>      >
>      > Is there any option we can do based on the environment above ?
> 
> 
>     Without Squid code modifications, your options are:
> 
>     * Use a custom DNS resolver (configuration) that never sends IPv4
>     address records to an IPv6-only Squid. Use a custom DNS resolver
>     (configuration) that never sends IPv6 address records to an IPv4-only
>     Squid. Configure each Squid to use the right resolver (see
>     dns_nameservers).
> 
>     * Disable IPv6 support in IPv4-only Squid at ./configure time. This
>     does
>     not help with the IPv6-only Squid and has other negative side
>     effects. I
>     do not recommend this option.
> 
> 
>       > Like maybe we disable eyeballs or preserving it while add an option
>       > like DNS A records or DNS AAAA records .
> 
>     It would be possible to enhance Squid by adding a configuration option
>     that disables (certain) A or AAAA queries, but proper modifications are
>     not trivial and nobody has done them yet:
>     https://wiki.squid-cache.org/SquidFaq/AboutSquid#How_to_add_a_new_Squid_feature.2C_enhance.2C_of_fix_something.3F
>     <https://wiki.squid-cache.org/SquidFaq/AboutSquid#How_to_add_a_new_Squid_feature.2C_enhance.2C_of_fix_something.3F>
> 
> 
>     Cheers,
> 
>     Alex.
> 
>     _______________________________________________
>     squid-users mailing list
>     squid-users at lists.squid-cache.org
>     <mailto:squid-users at lists.squid-cache.org>
>     http://lists.squid-cache.org/listinfo/squid-users
>     <http://lists.squid-cache.org/listinfo/squid-users>
> 
> -- 
> @mobile

More information about the squid-users mailing list