Hi steve, yeah u r correct u should start caching dns on squid server and set squid server's private ip as the primary DNS on th eclient . U can start the named service on squid service with the command /etc/init.d/named start and the things will go. U don hav to make ne changes in the squid.conf. Regards dev On 5/13/05, Steven Morris <steven.morris@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > Hi Dev, > > Thanks very much for your response. > > Am I correct in thinking that I should set my LAN client's primary DNS > server address to the IP address of the proxy server? > You mentioned I should start caching DNS on the proxy server.. how would I > go about this? Do I need to configure something on > the proxy server / squid.conf to enable this? > > I'm not currently able to ping our ISP dns server from the client. I can > however (as expected) ping the dns server from the proxy server. > > My setup involves the following: > Proxy server with two ethernet ports. > eth0: A LAN with the client machines attached.. these are the clients whose > http requests are being served transparently by the proxy server. > eth1: Another LAN containing a wireless router with connection to the > internet. > > In squid.conf, I've setup the configuration for a transparent proxy: > httpd_accel_host virtual > httpd_accel_port 80 > httpd_accel_with_proxy on > httpd_accel_uses_host_header on > > I've set the port used by clients to acces squid (http_port 3128) and ran > the iptables command that redirects incoming tcp packets on port 80 to port > 3128. > Apart from this (and some configuration to ACL's in squid.conf), I've not > changed anything from the default installation of squid. > > Regards > Steve > > > ----- Original Message ----- > From: "dev singh" <dev.pratap@xxxxxxxxx> > To: "Steven Morris" <steven.morris@xxxxxxxxxxxxxxxxxxxxxxx> > Cc: <squid-users@xxxxxxxxxxxxxxx> > Sent: Friday, May 13, 2005 1:22 PM > Subject: Re: [squid-users] DNS lookup failure when transparent proxy > > Hi steve, > > Start caching DNS on proxy server and put ur server's private ip as > the primary DNS on client and the things will go. > > I think the problem with ur existing configuration is that the private > ip which u r using on ur clients , they are not known by ur DNS > server. > > r u avle to ping ur dns server from ur clinet . if u r able to do that > than ur configuration will work otherwise it won't. > > For more detail reason kindly give a rough sketch of ur setup > Regards > dev > > On 5/13/05, Steven Morris <steven.morris@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > > Hi, > > > > I've installed squid version 2.5 release 9 on redhat linux fedora core 3 > > and > > setup a proxy server (with 2 ethernet ports) between my LAN and the > > internet. > > I've successfully configured Squid so the proxy server runs transparently > > and intercepts all http requests from clients on the LAN. > > When I enter IP address's (including the IP address for google) in the > > client's web browser URL, the pages are served fine, but when I enter a > > domain name in the URL, > > the browser returns the 'Page Cannot be displayed message'. > > > > The client machine and proxy (in /etc/resolv.conf) both know our ISP > > nameservers IP address and I've configured the proxy server firewall to > > allow DNS lookups via UDP on port 53. > > > > If the client browser is configured to use the proxy server (rather than > > have it run transparently), DNS lookups work fine and domain name URL > > pages > > are displayed. > > I would however, really like to get DNS lookups working with a transparent > > proxy setup. > > > > I can't see it myself but would this involve changing settings in > > squid.conf?.. or perhaps some form of iptables forwarding command for DNS > > responses on UDP port 53? (ie to forward incoming > > responses from the nameserver to the proxy back to the client machines on > > the LAN). > > > > Any possible solutions would be greatly appreciated. > > > > Regards, > > > > Steve > > > > > >
