[squid-users] Recent Squid 4 versions show ERR_CANNOT_FORWARD instead of ERR_DNS_FAIL

Tommy Brunn tommy.brunn at klarna.com
Wed Aug 9 12:14:49 UTC 2023


It's been 5 years since this was originally posted, but I am currently
in the process of upgrading from Squid 4.13 to 5.8, and have
encountered the same scenario when running our integration tests to
validate the existing behavior. To summarize, given the exact same
configuration in both versions, making a CONNECT request for a domain
that doesn't exist used to result in a 503 response with an
ERR_DNS_FAIL error. In Squid 5.8 this instead results in a 500
response with an ERR_CANNOT_FORWARD error.

For reference, I am using the version of Squid that is packaged in the
most recent version of Amazon Linux 2023. As requested in the last
email regarding this issue, I have attached verbose debug logs from
squid, as well as the squid configuration file, the full output of
`squid -v` and finally the output of `dig` on the non-existent domain
from the same context as squid is running in:
https://gist.github.com/Nevon/ee4d379877b9570cccb4f21df7382a63

Does anyone know if this is an intentional change or a bug? If it's an
intentional change, what is the rationale behind the change and is it
mentioned anywhere in a pull request or similar? I wasn't able to find
any other references to this other than this one thread with no
resolution from October 2018.

Thanks!

-- 
Tommy Brunn


More information about the squid-users mailing list