[squid-users] squid does not cache dns lookups

From: Proescholdt, timo <Timo.Proescholdt@dont-contact.us>
Date: Fri, 16 Nov 2001 18:46:23 +0100

Hello out there,

Sorry if I double post.

I tried to post to this mailing list via Google Groups two days ago. I
thought about it, and I came to the conclusion that Usenet postings may
not be retransferred to the mailing list.

This was my original question:

I have a squid 2.3.STABLE1 ( IP_AUTH Patch ) on Red Hat Linux 7.0,
kernel 2.2.18, running as internal proxy for internet access.
Squid has another proxy as parent in its configuration:

cache_peer 192.168.30.2 parent 8080 0 no-query default

never_direct deny internal
never_direct allow all

I have some ACLs making use of DNS such as dstdomain <domain> or src
<ip>.

The IP_AUTH patch allows you to submit username and password for proxy
authentication over a secure connection ( https server and cgi
scripts ) and validate it against LDAP ( in my implementation ).

The server is running fine, I just noticed a huge number of DNS
connections ( >= 1000 ) to our internal DNS server from time to time.

As I started to monitor our internal DNS server ( bind 8 on solaris 8 )
( for another reason, by the way ) I noticed that every request for
a web page resulted in about 10-40 DNS queries for that domain name,
one for every item on that page, I think. I think that is the reason
for the huge number of connections to the DNS server.

from the logfile of the dns server
.
.
14-Nov-2001 20:41:58.630 XX+/192.168.40.1/www.test.de/A/IN
14-Nov-2001 20:41:58.780 XX+/192.168.40.1/www.test.de/A/IN
14-Nov-2001 20:41:58.868 XX+/192.168.40.1/www.test.de/A/IN
14-Nov-2001 20:41:58.874 XX+/192.168.40.1/www.test.de/A/IN
and so on
.
.
.

( as you can see i am from germany (-: )
(192.168.40.1 is the proxy)

As far as my understanding of squid goes, it should look up once
and then cache the entry for as long as the TTL of the record is.
(As long as the cache_positive|negative_dns directives are not changed
(which they are not. Negative was set to 0,
but I changed it to default, no difference.))

A look at cachemgr.cgi confirmed this ( a lot of cache hits ):

IP Cache Statistics:
IPcache Entries: 196
IPcache Requests: 53293
IPcache Hits: 44959
IPcache Pending Hits: 261
IPcache Negative Hits: 57
IPcache Misses: 453

A test.

requesting www.feuerwehr.de ( www.firefighters.com )
raised

IP Cache Statistics:
IPcache Entries: 196
IPcache Requests: 53349
IPcache Hits: 45011
IPcache Pending Hits: 261
IPcache Negative Hits: 57
IPcache Misses: 453

to

IP Cache Statistics:
IPcache Entries: 198 ( 2 more )
IPcache Requests: 53427 ( 78 more )
IPcache Hits: 45074 ( 63 more )
IPcache Pending Hits: 263 ( 2 more )
IPcache Negative Hits: 57
IPcache Misses: 457 ( 5 more )

but gave me 6 entries for lookups for www.feuerwehr.de ( A record ).
I think that's because there are not many pictures on the start page;
other sites give me up to 40 lookups for the same address.

Can someone tell me if that behaviour is normal?
In my eyes it is not?

thank you,

timo proescholdt
Received on Fri Nov 16 2001 - 10:57:11 MST
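
Added example (not part of the original post, and not Squid or BIND code): a Python sketch that measures the repeated lookups described above by counting identical queries (same client, name and type) inside a short window, using the query-log line format from the excerpt in the post. The window, the threshold, the client 192.168.40.7 and www.example.org are assumptions made for the sample.

```python
import re
from collections import defaultdict
from datetime import datetime

# Line format as in the excerpt: date, time, "XX+", client, name, type, class.
LINE_RE = re.compile(
    r"^(\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"XX\+?/([^/\s]+)/([^/\s]+)/([^/\s]+)/([^/\s]+)$"
)

def parse_line(line):
    """Return (timestamp, client, name, qtype), or None for non-query lines."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    ts = datetime.strptime(m.group(1), "%d-%b-%Y %H:%M:%S.%f")
    return ts, m.group(2), m.group(3).lower(), m.group(4)

def repeated_queries(lines, window_seconds=1.0, threshold=3):
    """Map (client, name, qtype) to the largest number of identical queries
    seen inside any window of window_seconds, keeping those >= threshold."""
    seen = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is not None:
            seen[rec[1:]].append(rec[0])
    report = {}
    for key, stamps in seen.items():
        stamps.sort()
        best = start = 0
        for end, ts in enumerate(stamps):
            # Shrink the window from the left until it spans <= window_seconds.
            while (ts - stamps[start]).total_seconds() > window_seconds:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            report[key] = best
    return report

# First four lines are from the post; the rest are constructed for the example.
SAMPLE = [
    "14-Nov-2001 20:41:58.630 XX+/192.168.40.1/www.test.de/A/IN",
    "14-Nov-2001 20:41:58.780 XX+/192.168.40.1/www.test.de/A/IN",
    "14-Nov-2001 20:41:58.868 XX+/192.168.40.1/www.test.de/A/IN",
    "14-Nov-2001 20:41:58.874 XX+/192.168.40.1/www.test.de/A/IN",
    "and so on",
    "14-Nov-2001 20:41:59.001 XX+/192.168.40.7/www.example.org/A/IN",
    "14-Nov-2001 20:45:10.120 XX+/192.168.40.1/www.test.de/A/IN",
]

if __name__ == "__main__":
    for (client, name, qtype), n in repeated_queries(SAMPLE).items():
        print(f"{client} asked for {name}/{qtype} {n} times within 1 s")
```

Run against the full query log, a resolver client that caches answers should rarely appear in the report for a window shorter than the record's TTL.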
