On Wed, 24 Feb 2010 16:45:57 +0000, <Dariusz.Panasiuk@xxxxxxxxxxxxxx> wrote:
> Hi All,
>
> During analysing DNS traffic from 22 2.6.STABLE21 Squids I have noticed
> that there is a substantial number of queries where Squids try to resolve
> hostname of its peers. All of the boxes run as independent servers, without
> shared cache.
>
> My question is why they need IP of others Squids, and where did they get
> hostname of them?
> Servers run only Squid daemon, so there isn't any www or any other extra
> service on them. We use Cisco ACE hardware load balancer, where all of the
> Squids are represented by 1 IP.
>
> I am attaching below sample of squid.conf:
>
> http_port x.x.x.x:3128
> http_port 127.0.0.1:3128
>
> visible_hostname proxy.xxx.uk.com
> cache_mgr xxx@xxxxxxxxx
>
> hierarchy_stoplist cgi-bin ?
>
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY

no_cache is obsolete. Use:
  cache deny QUERY

OR.... drop the QUERY bits altogether to cache the portion of dynamic
pages which are cacheable.

<snip>
>
> #----Rewriter/Redirector Parameters---
> #url_rewrite_program /usr/local/netsweeper/bin/redir -f
> http://x.x.x.x:8080/webadmin/deny/unavail.php -P3429 x.x.x.x
> url_rewrite_program /usr/local/netsweeper/bin/pcf_redir.pl
> url_rewrite_children 128
>

Squid will need to look up all hostnames this script provides it with in
order to determine where the request is to be sent.

<snip>
>
> #----Global ACLs----
> #------- we don't have any of Squids IPs/names in any of ACLs --------#

But you do have ACLs? They do most of the DNS work in Squid.

The config you show doesn't have any peers. What you have is _sources_ that
Squid will be looking up every time it needs to deliver a request. All it
has to work with is the requested domain name and then later the
URL-rewritten domain name to be looked up instead.

Logging may also be trying to log the client host name. If a request comes
in from one of the other Squids it will be looked up.

Amos