Dear All, I was reading the article, but I guess it's too old. Can anybody update me Still Squid can't handle SSL(https) Pages? http://www.squid-cache.org/mail-archive/squid-users/200907/0073.html HTTP port 80 can be intercepted. Or other known plain HTTP port if you are very certain of them. HTTPS is encrypted. Thats what the 'S' means (Secure over SSL). You _cannot_ intercept an encrypted transaction and expect a plain-text HTTP processor to handle it. -----Original Message----- From: J. Webster [mailto:webster_jack@xxxxxxxxxxx] Sent: Monday, February 08, 2010 7:05 PM To: swright@xxxxxxxxxxxx; squid-users@xxxxxxxxxxxxxxx Subject: RE: Is OpenDNS efficient for squid? I have put the nameservers into squid.conf. However, today I received the same error. Squid times out on the following site https://www.skyplayer.com This is the dig result: [root@# dig skyplayer.sky.com ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> skyplayer.sky.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35479 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;skyplayer.sky.com. IN A ;; ANSWER SECTION: skyplayer.sky.com. 300 IN CNAME wildcard.sky.com.edgekey.net. wildcard.sky.com.edgekey.net. 21600 IN CNAME e3228.b.akamaiedge.net. e3228.b.akamaiedge.net. 20 IN A 92.123.93.52 ;; Query time: 162 msec ;; SERVER: 213.171.192.249#53(213.171.192.249) ;; WHEN: Mon Feb 8 13:57:05 2010 ;; MSG SIZE rcvd: 126 If dig works and nslookup gives: [root@]# nslookup skyplayer.com Server: 213.171.192.249 Address: 213.171.192.249#53 Non-authoritative answer: Name: skyplayer.com Address: 80.238.9.232 Any reasons why squid won't resolve it? ---------------------------------------- > Date: Sun, 7 Feb 2010 19:03:09 -0800 > From: swright@xxxxxxxxxxxx > To: squid-users@xxxxxxxxxxxxxxx > Subject: Re: Is OpenDNS efficient for squid? > > ----- "Dieter Bloms" wrote: >> Hi, >> >> On Sun, Feb 07, J. Webster wrote: >> >>> Is there any problem with using opendns server as the dns_nameserver in squid? >>> Is it slower than using the local hosts namersevrers? >>> I have an issue with dns timeouts for 1 or 2 websites and am having to restart the dns cache (nscd) every 6 hours to flush it. >>> I thought adding the nameservers to the squid.conf would bypass this issue. >> >> you can savely disable nscd. >> I had some trouble with nscd till I disabled it. >> I think you don't get any performance issues. >> >> >> -- >> Gruß >> >> Dieter > > We switched to OpenDNS in December, after years of using our own djbdns servers, and have not seen any issues. The server provides access to 650 campus users over a 1Gb link, with typically 100Req/s throughout the day. Our hope is that OpenDNS will reduce the time spent on ACL maintenance in squid, and allow us to drop some ACLs completely. > > -- > Shawn Wright > I.T. Manager, Shawnigan Lake School > http://www.shawnigan.ca _________________________________________________________________ Tell us your greatest, weirdest and funniest Hotmail stories http://clk.atdmt.com/UKM/go/195013117/direct/01/