[squid-users] Recent Squid 4 versions show ERR_CANNOT_FORWARD instead of ERR_DNS_FAIL
Amos Jeffries
squid3 at treenet.co.nz
Wed Oct 10 14:24:08 UTC 2018
On 11/10/18 12:58 AM, Christof Gerber wrote:
> I am wondering why the recent Squid4
> (v4-57a5679bae20e90ef73473e03327e37aa0263570) with a minimal config,
This is not how Squid versions are numbered.
The commit hash above matches to squid-5.0.0-20181008-r57a5679
Any build made from a checkout of that hash contains much code that has
never been in Squid-4 and never will.
> when accessing a non-existing domain (e.g.
> http://fsdafasdfsadfklsdj.ch/) produces a ERR_CANNOT_FORWARD error
Squid-5 code is currently in "alpha" state. Meaning it is not yet well
tested by many people beyond the particular change authors, and one
should expect to face not-yet documented behaviour changes and bugs when
running it.
If you did not intend to run the latest cutting-edge Squid code, you may
want to stick with the formal release bundles and snapshots rather than
building binaries by commit hash.
If you do want to run the latest development code, I thank you for the
interest and assistance testing. But please do refer to the commits by
their matching formal Squid versions (eg snapshot name or release
number). Doing so will clarify for you and for us both the expected
behaviour and the state of the code (alpha, beta, stable) you are comparing.
> when the older Squid4 (v4-6d8f397398995c4512cb045920ee2747cc6b14f8)
This hash being the Squid-4.2 stable release commit.
Which makes its version number(s) 4.2 or snapshot
squid-4.2-20180910-r6d8f397.
> produces a ERR_DNS_FAIL as it is also the case for Squid 3.5.
>
> Why does this different behaviour occur?
> Is it a bug or is it a feature?
To answer your questions we will need to know what actual Squid version
you are running. Show the output of squid -v please.
Also the config that Squid is using. The contents of your squid.conf
please. Strip out #-commented lines if it is large.
Also what do DNS responses look like when the resolver being used by
Squid is asked to fetch those non-existent domains.
Does it return an NXDOMAIN, a SERVFAIL, no response, a response with no
IPs, or a response with false IPs ?
>
> Ps. Squid 4 v4-9d6a91ba608acadb9f3cb397d72748a711db3c91 is still
> producing ERR_DNS_FAIL.
>
This is again a Squid-5 commit hash.
The equivalent Squid-4 hash was fcc58c36535edf58ecef3683762c051d4e7e93cc
and correlates to a 4.0.23 beta release snapshot.
Amos
More information about the squid-users
mailing list