On 12/10/17 15:04, Geoffrey wrote:
Hello folks, I am finding that Squid will not use the secondary DNS if the first one is taken offline. In this case the primary DNS is not able to respond because I have taken it offline, and therefore the secondary DNS should be queried by squid, but is not.
How are you determining that exactly? squid logs? DNS logs? firewall counters? packet traces?
I have 2 Windows recursive DNS servers; 192.168.100.249 and 192.168.100.248, that are statically specified in /etc/resolv.conf. I am authenticating against AD using i) Kerberos and ii) NTLM.

This looks like it is a Squid internal dns client response rather than operating system. While 192.168.100.249 is offline, all other queries done by command-line queries work OK which indicates the system is using the secondary DNS server fine… just not Squid!

What we want to happen of course is that if the primary (192.168.100.249) is down or it cannot contact root DNS servers, then it contacts the secondary nameserver specified on the LAN (as per the configuration in resolv.conf) and resolves the name.

* Squid is SUCCESSFULLY reading resolv.conf as proved in cache.log after reload
* Setting dns resolvers directly in the squid config file with 'dns_nameservers' does not resolve the issue as the symptom is identical
* modified squid dns timeouts to a low value (less than 10 secs) for testing but made no difference

Many thanks for any ideas you may have.
What does the cachemgr "idns" report say?

command line:
  squidclient mgr:idns

or URL:
  http://$(visible_hostname):3128/squid-internal-mgr/idns

Amos