[squid-users] Bizarrely slow, timing out DNS only via Squid :D

Thu Mar 3 07:44:01 UTC 2016

Well what I can see is that there are couple queries ID and the issues are:
0x8528: timeout
0x69c2 - timeout

but I am pretty sure that the DNS server that the query is against is:
192.231.203.132:53

So the first thing is to findout what dns servers are defined inside 
squid.conf
if you don't have any then look at /etc/resolv.conf

You should have there a list of server that you should run the dig -x 
command against and see how every one of them responses.
 From squid point of view the issues are probably:
- network routing or firewall level issues(another middle machine or 
local settings)
- buggy or faulty or wrongly-configured dns server

The main reason that squid does the PTR lookup and other queries is 
since these are required.

If you want to start from the bottom and up you can try another thing:
use the dns_nameserver squid.conf option [ 
http://www.squid-cache.org/Doc/config/dns_nameservers/ ] with the local 
dns that worked fast for dig and nslookup(192.231.203.3) and only this use.
It should be:
dns_nameservers 192.231.203.3

You can run couple trials against public dns services like 
opendns\google or any other that is mentioned at: 
http://pcsupport.about.com/od/tipstricks/a/free-public-dns-servers.htm

Also try to contact a http service with an ip such as 
ngtech.co.il|84.95.212.160 (which will be a good test against a server 
that has only ipv4 address).

If after all the above something is weird I would suggest you for a 
second to run the squid with default squid.conf(if you are using debian 
then you will need to remove couple "#" for the localnet acls).

You should know that there are cases which couple dns services just 
stops responding to dns queries which looks like what you see if it 
worked before.

Eliezer

On 03/03/2016 09:08, Dan Charlesworth wrote:
>>>>On 03/03/2016 07:39, Dan Charlesworth wrote:
>> >>>>Right now we have 1 squid box (out of a lot), running 3.5.13, which does something like this for every request, taking about 10 seconds:
>> >>>>
>> >>>>2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1794) idnsPTRLookup: idnsPTRLookup: buf is 43 bytes for 10.100.128.1, id = 0x733a
>> >>>>2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1745) idnsALookup: idnsALookup: buf is 29 bytes for httpbin.org, id = 0x8528
>> >>>>2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1683) idnsSendSlaveAAAAQuery: buf is 29 bytes for httpbin.org, id = 0x69c2
>> >>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1277) idnsRead: idnsRead: starting with FD 7
>> >>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1323) idnsRead: idnsRead: FD 7: received 93 bytes from 192.231.203.132:53
>> >>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1130) idnsGrokReply: idnsGrokReply: QID 0x733a, -3 answers
>> >>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1195) idnsGrokReply: idnsGrokReply: error Name Error: The domain name does not exist. (3)
>> >>>>2016/03/03 16:30:53.884 kid1| 78,3| dns_internal.cc(1384) idnsCheckQueue: idnsCheckQueue: ID dns8 QID 0x8528: timeout
>> >>>>2016/03/03 16:30:53.884 kid1| 78,3| dns_internal.cc(1384) idnsCheckQueue: idnsCheckQueue: ID dns0 QID 0x69c2: timeout
>> >>>>2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1277) idnsRead: idnsRead: starting with FD 7
>> >>>>2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1323) idnsRead: idnsRead: FD 7: received 110 bytes from 172.16.100.4:53
>> >>>>2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1130) idnsGrokReply: idnsGrokReply: QID 0x69c2, 0 answers
>> >>>>2016/03/03 16:30:58.885 kid1| 78,3| dns_internal.cc(1384) idnsCheckQueue: idnsCheckQueue: ID dns8 QID 0x8528: timeout
>> >>>>2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1277) idnsRead: idnsRead: starting with FD 7
>> >>>>2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1323) idnsRead: idnsRead: FD 7: received 246 bytes from 172.16.100.5:53
>> >>>>2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1130) idnsGrokReply: idnsGrokReply: QID 0x8528, 1 answers
>> >>>>