[squid-users] squid only partially working WHY ?
Amos Jeffries
squid3 at treenet.co.nz
Wed Jun 1 10:32:09 UTC 2022
On 30/05/22 21:58, Ian A Taylor wrote:
> Good day
>
> I have install ubuntu 22.04 server on 4 machines
>
> The machines are
>
> spark
>
> compute-0-[0,1,2]
>
> spark has an internet connect plus a connection to a restricted
> (10.1.1.0/24) network
>
> compute-0-[0,1,2] are on the restricted network
>
> 2 of the three compute-0-[0,1,2] machines install with snap ok
>
> but the third fails
>
> I cannot see why
>
Spot the difference:
> 1653903468.117 1 10.1.1.252 TCP_MISS/500 5394 POST
> http://snaps.spark.internal/v2/snaps/refresh - HIER_NONE/- text/html
> 1653903485.009 51235 10.1.1.253 TCP_TUNNEL/200 117316495 CONNECT
> canonical-lgw01.cdn.snapcraftcontent.com:443 - HIER_DIRECT/185.125.190.27 -
>
> spark:/etc/squid/squid.conf
> acl localnet src 10.1.1.254/32
> acl localnet src 10.1.1.253/32
> acl localnet src 10.1.1.252/32
>
> If someone could indicate why this is happening I would be sincerely
> appreciative
>
The traffic which is failing all seems to have *.internal domain names.
The HIER_NONE indicates Squid either cannot resolve those domains in DNS
or cannot connect to any IP that was found.
Modern Squid are capable of resolving mDNS .local domains. I suggest you
try using that instead of a custom .internal TLD. If you do need to have
that custom TLD, make sure to test those domains resolve through the DNS
server used by Squid.
HTH
Amos
More information about the squid-users
mailing list