On 5/3/22 02:35, Francesco Chemolli wrote:
Could tcp_outgoing_address do the deed, forcing a certain source ip or
ipv4-only interface for some or all requests?
No, not without Squid modifications[1]: Today, tcp_outgoing_address is
consulted _after_ the address family is already decided for the current
connection attempt (by the peer selection algorithms selecting a
specific destination address). We can change that, of course, but
probably not without some backward compatibility headaches.
[1] Unless, perhaps, one abuses tcp_outgoing_address to select an
immediately failing source IP address (e.g., the one Squid cannot bind
to?) as a way to force another attempt (hopefully using another address
family). I do not know whether this hack would work, and suspect it
would depend on which socket operation fails when using the special
"force failure" source IP address.
HTH,
Alex.
On Mon, 2 May 2022 at 16:39, Alex Rousskov wrote:
On 5/1/22 23:49, Ahmad Alzaeem wrote:
> sometime the IPV4
> instance receive DNS resolution of the destination as IPV6 and the
> connection fails !!
>
> sometimes the IPV4 instance receive the DNS resolution of the
> destination as IPV6 and the connection fail .
>
> Is there any option we can do based on the environment above ?
Without Squid code modifications, your options are:
* Use a custom DNS resolver (configuration) that never sends IPv4
address records to an IPv6-only Squid. Use a custom DNS resolver
(configuration) that never sends IPv6 address records to an IPv4-only
Squid. Configure each Squid to use the right resolver (see
dns_nameservers).
* Disable IPv6 support in IPv4-only Squid at ./configure time. This
does
not help with the IPv6-only Squid and has other negative side
effects. I
do not recommend this option.
> Like maybe we disable eyeballs or preserving it while add an option
> like DNS A records or DNS AAAA records .
It would be possible to enhance Squid by adding a configuration option
that disables (certain) A or AAAA queries, but proper modifications are
not trivial and nobody has done them yet:
https://wiki.squid-cache.org/SquidFaq/AboutSquid#How_to_add_a_new_Squid_feature.2C_enhance.2C_of_fix_something.3F
<https://wiki.squid-cache.org/SquidFaq/AboutSquid#How_to_add_a_new_Squid_feature.2C_enhance.2C_of_fix_something.3F>
Cheers,
Alex.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
<mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx>
http://lists.squid-cache.org/listinfo/squid-users
<http://lists.squid-cache.org/listinfo/squid-users>
--
@mobile
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
