Amos, You told the Squid will check the original dns from the headers, then it'll do its own dns resolution to verify they both match. So, if no match, Squid does the request to internet based on the dns it found. If I'm right, that the current way, correct ? What we could do is the same way but as Squid has downloaded the object based on its dns records, it means the object is correct, the right one. So, keep all details from Squid job and push the object to the cache (if cacheable). user request -> squid checks the dns is ok (corrects it if needed) -> squid download the right object and cache. user request -> squid checks the dns is ok (corrects it if needed) -> squid pushs from its cache. Again, if Squid requests the right object based on its dns requests, it'll deliver to clients the good one. So, we should not see ORIGINAL_DST anymore... And, when I see the archi Yuri must to do to avoid ORIGINAL_DST, I'm sure all Squid users will be happy Fred -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/TProxy-and-client-dst-passthru-tp4670189p4672044.html Sent from the Squid - Users mailing list archive at Nabble.com. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
