[squid-users] access blocking using DNS -> "NO Address records in response to '....'
Paul Neuwirth
mail at paul-neuwirth.nl
Wed Jan 3 13:01:19 UTC 2018
On Thu, 4 Jan 2018 01:24:57 +1300
Amos Jeffries <squid3 at treenet.co.nz> wrote:
> On 03/01/18 20:34, Paul Neuwirth wrote:
> > On Wed, 3 Jan 2018 08:30:36 +0100
> > Paul Neuwirth wrote:
> >
> >> Hello list,
> >>
> >> named is configured to block (resulting in NXDOMAIN) some domains.
> >> Using squid I have following problem:
> >> Browser requests such a blocked URL and named is not delivering an
> >> error, request never times out...
> >> How can I make squid deliver an error in this case.
> >>
>
> ...
> >
> > Sorry, just a minute after sending I found out, named is not
> > delivering NXDOMAIN, but nothing
>
> Nod. That is the cause of the "NO address records" log entry.
>
> The client appears to be disconnecting from Squid after ~10 seconds.
> You can probably get the Squid "unable to resolve" error page to show
> up by reducing dns_timeout to a value of 5-10 seconds
> (<http://www.squid-cache.org/Doc/config/dns_timeout/>).
>
> Amos
thank you. But default is 60 seconds.. but the request never times out..
but never mind.. I found a better solution, reconfigured bind using
response policy zones to send NXDOMAIN.. this feature didn't exist at
that time I did the previous config.
have a nice year
Paul
More information about the squid-users
mailing list