<span id="mailbox-conversation">Thanks Amos!<div><br></div>
<div>I reckon that dns_packet_max directive might be playing into it. Most of the problematic hostnames seem to return large pools of IPs.</div>
<div><br></div>
<div>Only one way to find out ...</div></span><div class="mailbox_signature">
<br> </div>
<br><br><div class="gmail_quote"><p>On Thu, Feb 26, 2015 at 3:59 PM, Amos Jeffries <span dir="ltr"><<a href="mailto:squid3@treenet.co.nz" target="_blank">squid3@treenet.co.nz</a>></span> wrote:<br></p><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><p>On 26/02/2015 2:23 p.m., Dan Charlesworth wrote:<br>> Hey y’all<br>> <br>> I don’t remember this being covered before…<br>> <br>> I see this error (warning?) pretty frequently for hostnames which I can always resolve fine if I try them on the same server with dig or nslookup.<br>> <br><br>Are you sure you are resolving them in the same way Squid is?<br><br>dig in particular will send a request and does the recursion lookups<br>itself. Whereas Squid has to work with the first response the NS(s)<br>provide for each for A and AAAA queries ... and *will* cache that<br>response for the TTL provided in the packet.<br><br><br>You may also need to enable EDNS0 advertisements in Squid to receive<br>back large sets of IP addresses from some servers (and avoid TCP<br>failover on others).<br><http://www.squid-cache.org/Doc/config/dns_packet_max/><br><br><br>> What’s the deal? And what does the client experience in the browser when one of these occurs?<br><br>Something along the lines of:<br>"<br>ERROR: The requested URL could not be retrieved<br><br>The following error was encountered while trying to retrieve the URL: ...<br><br>Unable to determine IP address from host name <domain><br><br>The DNS server returned:<br> No Address records<br><br>This means that the cache was not able to resolve the hostname presented<br>in the URL. Check if the address is correct.<br>"<br><br>... unless they are using one of the browsers the replace proxy error<br>reports with their own "friendly" pages (MSIE and Chrome). Then its some<br>obscure error code label or number. Or if it was a javascript XHR<br>request it may be in a hard-to-see popup that disappears quickly -<br>leaving them thinking nothing happened.<br><br>Amos<br><br>_______________________________________________<br>squid-users mailing list<br>squid-users@lists.squid-cache.org<br>http://lists.squid-cache.org/listinfo/squid-users<br></p></blockquote></div><br>