Hooray progress :)
On 2/12/2011 5:49 a.m., David Touzeau wrote:
Here it is the log in debug mode :
----------
2011/12/01 17:49:14.106 kid1| HTTP Client local=4.26.235.254:80
remote=192.168.1.228:1074 FD 30 flags=33
2011/12/01 17:49:14.106 kid1| HTTP Client REQUEST:
---------
GET /v9/windowsupdate/a/selfupdate/WSUS3/x86/Other/wsus3setup.cab?1112011649 HTTP/1.1
Accept: */*
User-Agent: Windows-Update-Agent
Host: download.windowsupdate.com
Connection: Keep-Alive
K. first problem:
# host download.windowsupdate.com
...
download.windowsupdate.com.c.footprint.net has address 204.160.124.126
download.windowsupdate.com.c.footprint.net has address 8.27.83.126
download.windowsupdate.com.c.footprint.net has address 8.254.3.254
Client is connecting to server 4.26.235.254 port 80. Which is clearly
not "download.windowsupdate.com" according to the official DNS entries I
can see. It is likely you have another set of IPs entirely, so please
confirm that by running "host download.windowsupdate.com" on the Squid box.
Note that transparent Squid requires the same DNS "view" as the clients
to keep the traffic flowing to the right places. Since it should be in
the same network as the clients for transparent to work anyway this is
not usually a problem. But can appear if you or the client is doing
anything fancy with DNS server configurations.
NP: if 4.26.235.254 happens to be a local WSUS server you need to
configure your local DNS to pass that info on to Squid for the relevant
WSUS hosted domains. You will also benefit from Squid helping to enforce
that MS update traffic stays on-LAN.
Amos
