On 5/3/22 09:04, Alex Rousskov wrote:
On 5/3/22 02:35, Francesco Chemolli wrote:
Could tcp_outgoing_address do the deed, forcing a certain source ip or
ipv4-only interface for some or all requests?
No, not without Squid modifications[1]: Today, tcp_outgoing_address is
consulted _after_ the address family is already decided for the current
connection attempt (by the peer selection algorithms selecting a
specific destination address). We can change that, of course, but
probably not without some backward compatibility headaches.
[1] Unless, perhaps, one abuses tcp_outgoing_address to select an
immediately failing source IP address (e.g., the one Squid cannot bind
to?) as a way to force another attempt (hopefully using another address
family). I do not know whether this hack would work, and suspect it
would depend on which socket operation fails when using the special
"force failure" source IP address.
More ideas along those lines can be found on the following thread:
http://lists.squid-cache.org/pipermail/squid-users/2019-October/021186.html
Alex.
On Mon, 2 May 2022 at 16:39, Alex Rousskov wrote:
On 5/1/22 23:49, Ahmad Alzaeem wrote:
> sometime the IPV4
> instance receive DNS resolution of the destination as IPV6 and the
> connection fails !!
>
> sometimes the IPV4 instance receive the DNS resolution of the
> destination as IPV6 and the connection fail .
>
> Is there any option we can do based on the environment above ?
Without Squid code modifications, your options are:
* Use a custom DNS resolver (configuration) that never sends IPv4
address records to an IPv6-only Squid. Use a custom DNS resolver
(configuration) that never sends IPv6 address records to an IPv4-only
Squid. Configure each Squid to use the right resolver (see
dns_nameservers).
* Disable IPv6 support in IPv4-only Squid at ./configure time. This
does
not help with the IPv6-only Squid and has other negative side
effects. I
do not recommend this option.
> Like maybe we disable eyeballs or preserving it while add an
option
> like DNS A records or DNS AAAA records .
It would be possible to enhance Squid by adding a configuration
option
that disables (certain) A or AAAA queries, but proper
modifications are
not trivial and nobody has done them yet:
https://wiki.squid-cache.org/SquidFaq/AboutSquid#How_to_add_a_new_Squid_feature.2C_enhance.2C_of_fix_something.3F
<https://wiki.squid-cache.org/SquidFaq/AboutSquid#How_to_add_a_new_Squid_feature.2C_enhance.2C_of_fix_something.3F>
Cheers,
Alex.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
<mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx>
http://lists.squid-cache.org/listinfo/squid-users
<http://lists.squid-cache.org/listinfo/squid-users>
--
@mobile
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
