Thanks for your input Eliezer.
I've tested against various public DNS servers at this point so I'm ruling out any DNS-server-side problems. The only time there's any timeouts or slowness is when the request is going through squid. Doesn't seem to matter which HTTP server I'm requesting, whether it returns multiple IPs or not.
Also worth noting that this company has about 30 other sites with mostly identical network topologies and equipment where it's completely fine.
On 3 March 2016 at 18:44, Eliezer Croitoru <eliezer@xxxxxxxxxxxx> wrote:
Well what I can see is that there are couple queries ID and the issues are:
0x8528: timeout
0x69c2 - timeout
but I am pretty sure that the DNS server that the query is against is:
192.231.203.132:53
So the first thing is to findout what dns servers are defined inside squid.conf
if you don't have any then look at /etc/resolv.conf
You should have there a list of server that you should run the dig -x command against and see how every one of them responses.
>From squid point of view the issues are probably:
- network routing or firewall level issues(another middle machine or local settings)
- buggy or faulty or wrongly-configured dns server
The main reason that squid does the PTR lookup and other queries is since these are required.
If you want to start from the bottom and up you can try another thing:
use the dns_nameserver squid.conf option [ http://www.squid-cache.org/Doc/config/dns_nameservers/ ] with the local dns that worked fast for dig and nslookup(192.231.203.3) and only this use.
It should be:
dns_nameservers 192.231.203.3
You can run couple trials against public dns services like opendns\google or any other that is mentioned at: http://pcsupport.about.com/od/tipstricks/a/free-public-dns-servers.htm
Also try to contact a http service with an ip such as ngtech.co.il|84.95.212.160 (which will be a good test against a server that has only ipv4 address).
If after all the above something is weird I would suggest you for a second to run the squid with default squid.conf(if you are using debian then you will need to remove couple "#" for the localnet acls).
You should know that there are cases which couple dns services just stops responding to dns queries which looks like what you see if it worked before.
Eliezer
On 03/03/2016 09:08, Dan Charlesworth wrote:
>>>>Right now we have 1 squid box (out of a lot), running 3.5.13, which does something like this for every request, taking about 10 seconds:On 03/03/2016 07:39, Dan Charlesworth wrote:
>>>>
>>>>2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1794) idnsPTRLookup: idnsPTRLookup: buf is 43 bytes for 10.100.128.1, id = 0x733a
>>>>2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1745) idnsALookup: idnsALookup: buf is 29 bytes for httpbin.org, id = 0x8528
>>>>2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1683) idnsSendSlaveAAAAQuery: buf is 29 bytes for httpbin.org, id = 0x69c2
>>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1277) idnsRead: idnsRead: starting with FD 7
>>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1323) idnsRead: idnsRead: FD 7: received 93 bytes from 192.231.203.132:53
>>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1130) idnsGrokReply: idnsGrokReply: QID 0x733a, -3 answers
>>>>2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1195) idnsGrokReply: idnsGrokReply: error Name Error: The domain name does not exist. (3)
>>>>2016/03/03 16:30:53.884 kid1| 78,3| dns_internal.cc(1384) idnsCheckQueue: idnsCheckQueue: ID dns8 QID 0x8528: timeout
>>>>2016/03/03 16:30:53.884 kid1| 78,3| dns_internal.cc(1384) idnsCheckQueue: idnsCheckQueue: ID dns0 QID 0x69c2: timeout
>>>>2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1277) idnsRead: idnsRead: starting with FD 7
>>>>2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1323) idnsRead: idnsRead: FD 7: received 110 bytes from 172.16.100.4:53
>>>>2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1130) idnsGrokReply: idnsGrokReply: QID 0x69c2, 0 answers
>>>>2016/03/03 16:30:58.885 kid1| 78,3| dns_internal.cc(1384) idnsCheckQueue: idnsCheckQueue: ID dns8 QID 0x8528: timeout
>>>>2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1277) idnsRead: idnsRead: starting with FD 7
>>>>2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1323) idnsRead: idnsRead: FD 7: received 246 bytes from 172.16.100.5:53
>>>>2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1130) idnsGrokReply: idnsGrokReply: QID 0x8528, 1 answers
>>>>
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users