[squid-users] Squid proxy without name resolution for internet adresses behind parent proxy

Eliezer Croitoru eliezer at ngtech.co.il
Sun Apr 30 06:50:42 UTC 2017


Can you try to add the next to your squid.conf:
dns_v4_first on

and see if it helps?

Eliezer

* http://www.squid-cache.org/Doc/config/dns_v4_first/

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il



-----Original Message-----
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of mbaltruschat
Sent: Saturday, April 29, 2017 11:08 PM
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Squid proxy without name resolution for internet adresses behind parent proxy

Hello Amos,

many thanks for your reply, to your first question, here are some details
about our network structure and how the clients connect to the proxy:

We have a corporate network, which has a firewall to the internet, which we
use as parent proxy for our own proxy servers.
The DNS Servers in the corporate network dont resolve public adresses, and
there is no routing to public adresses, the only way to access the internet
is by the corporate firewall.

At each bigger location weve got a squid proxy, at the moment Versions from
2.6 to 2.7 in different releases, running on Windows 2003 and 2008R2
Servers.
These squids are configured with no dns Server entries, the underlying
Windows machines of these proxys are configured with our corporate AD-DNS
Servers.

The clients (Windows 7 and 10) are getting their proxy settings for Internet
Explorer and Firefox by GPO. These settings are the aliasname for the proxy
and the port, which is 8080, and some proxy exclusions for corporate
applications servers. The clients are members in an AD Domain and get there
DNS Server entries by DHCP. The clients can successfully resolve the aliases
and hostnames of the proxys to their ip-adresses an can communicate with
them.
These proxys, lets call them "old proxys" are working fine.

To get rid of Server 2003 and squid 2.6/2.7, i installed a Ubuntu 16.04.2
LTS and Squid3.5, an rewrote the config from one of the old proxys,
and basically, the proxy was functional, but all request are very, very,
slow, like the proxy waits for some timeout at each request.

To your second question, i am from germany, sorry, with "configure it" or
"configure it not" i meant that i configured squid to use a dns server in
the conf or not, and in the case of the operating system, had set a dns
server to use, or not, in the network config of ubuntu.

If you need further infos please ask, i am also preparing my configs (old /
new) to post them here, but i have to anonymize them before posting, i think
i can handle this until tomorrow.

Best Regards
Marcel







--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-proxy-without-name-resolution-for-internet-adresses-behind-parent-proxy-tp4682225p4682235.html
Sent from the Squid - Users mailing list archive at Nabble.com.
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users



More information about the squid-users mailing list