<div>
DNS server outside squid reply fast to queries? 
 
run bind service with &quot;-g&quot; option to get output to the attahced vty; check any strange error to logs 
 
Put &quot;search epicentre.interna&quot; at the top of your resolv.conf
</div>

<div>
Something i forgot: 
if client is Windows, you can &quot;debug&quot; the slow queries using the command: 
 
nslookup -d2 &nbsp;&lt;name&gt;
</div>

<div>
Hi, 
 
The problem isn't with the DNS servers though as the linux box is the only machine having trouble with the winserv2003 dns servers. 
 
i will now relocate that entry in my resolv.conf
</div>

<div>
No change in performance since i tried that change. 
 
However I am thinking that maybe it is not DNS but something else, when I do a ping to any domain it takes about a second or two to get this line: 
 
EPICSQUID:~ # ping google.com.au -I eth1 
PING google.com.au (72.14.235.104) from 10.42.42.41 eth1: 56(84) bytes of data. 
 
then pauses here for about 4-8 seconds, before working normally... 
 
64 bytes from tw-in-f104.google.com (72.14.235.104): icmp_seq=1 ttl=241 time=182 ms 
64 bytes from tw-in-f104.google.com (72.14.235.104): icmp_seq=2 ttl=241 time=174 ms 
64 bytes from tw-in-f104.google.com (72.14.235.104): icmp_seq=3 ttl=241 time=165 ms 
64 bytes from tw-in-f104.google.com (72.14.235.104): icmp_seq=4 ttl=241 time=185 ms 
64 bytes from tw-in-f104.google.com (72.14.235.104): icmp_seq=5 ttl=241 time=173 ms 
64 bytes from tw-in-f104.google.com (72.14.235.104): icmp_seq=6 ttl=241 time=184 ms 
64 bytes from tw-in-f104.google.com (72.14.235.104): icmp_seq=7 ttl=241 time=218 ms 

</div>

<div>
Is anyone able to assist? I have re-posted this issue so many times without resolution.
</div>

<div>
If you are having DNS issues and you issue a ping &quot;hostname&quot; command, then it will take awhile before you see the first line like: 
 
&nbsp; &nbsp; &nbsp;PING google.com.au (72.14.235.104) from 10.42.42.41 eth1: 56(84) bytes of data. 
 
What happens if you issue: 
 
&nbsp; &nbsp; &nbsp;ping 72.14.235.104 
 
I'm saying that it definitly is a DNS issue, it could be a network and a DNS issue, or just a network issue with one specific network segement. 
 
You may want to do a tracer route to you dns servers to see if there a lot of latency someplace. 
 
You may also want to start doing packet captures at various points on your network to see where the slowdown is. 
 
 

</div>

<div>
When you are on the linux box and do nslookup -debug hostname.domain 
 
You should see all the requests that are generated to resolve. 
 
Did you perhaps configure squid to compress the data stream back to the client? 
Do you have statistic data collection of squid functionality so that you can see if the server is overloaded by the numerous requests? 
Is the squid cache configured to cache data or is it simply a pass through? 
I.e. does not cache anything. 
 
Do you have iptables/ipchains enabled that could explain the delay if the server on which squid runs is overloaded. 
What type of network connection does the linux box have? &nbsp;Does it have two network interfaces one through which it delivers the responses and one through which it retrieves the data? &nbsp;The two can be on the LAN segment. 
 
 
 

</div>

<div>
giltjr: 
 
I did what you said, no latency issues for pings to hostnames and IPs. 
 
traceroute to both DNS servers is only a single hop, and &gt;5ms 

</div>

<div>
arnold: 
 
I don't believe i have setup squid to compress to the client, if it is doing so i didn't set it. i will &nbsp;check for you shortly. 
 
It would'nt be an overload issue. this server is way over spec'd for its intended application, however currently its being tested before it is placed in production and only by 10 users... the server shouldn't even feel a pinch at this time. 
 
Squid should be caching data. I thought maybe there was something wrong with the cache so i rebuilt it however no difference in performance. 
 
I have a routing script that i run for squid to work, i have included it below, possibly that is where the issue lies. 
traffic from lan goes in eth0 and out eth1, both eth adapters are on the same subnet (no way around this unfortunately) however i doubt that is the cause because i have had other squid boxes running the same 'setup' and no issues at all. 
 
Thanks :) 

<pre><code class="code-10 nolinks" id="code-286850">#!/bin/sh
# ------------------------------------------------------------------------------------
# See URL: http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html
# (c) 2006, nixCraft under GNU/GPL v2.0+
# -------------------------------------------------------------------------------------
# squid server IP
SQUID_SERVER=&quot;10.42.42.40&quot;
# Interface connected to Internet
INTERNET=&quot;eth1&quot;
# Interface connected to LAN
LAN_IN=&quot;eth0&quot;
# Squid port
SQUID_PORT=&quot;3128&quot;
 
# DO NOT MODIFY BELOW
# Clean old firewall
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
# Load IPTABLES modules for NAT and IP conntrack support
modprobe ip_conntrack
modprobe ip_conntrack_ftp
# For win xp ftp client
#modprobe ip_nat_ftp
echo 1 &gt; /proc/sys/net/ipv4/ip_forward
# Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
# Unlimited access to loop back
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow UDP, DNS and Passive FTP
iptables -A INPUT -i $INTERNET -m state --state ESTABLISHED,RELATED -j ACCEPT
# set this system as a router for Rest of LAN
iptables --table nat --append POSTROUTING --out-interface $INTERNET -j MASQUERADE
iptables --append FORWARD --in-interface $LAN_IN -j ACCEPT
# unlimited access to LAN
iptables -A INPUT -i $LAN_IN -j ACCEPT
iptables -A OUTPUT -o $LAN_IN -j ACCEPT
# DNAT port 80 request comming from LAN systems to squid 3128 ($SQUID_PORT) aka transparent proxy
iptables -t nat -A PREROUTING -i $LAN_IN -p tcp --dport 80 -j DNAT --to $SQUID_SERVER:$SQUID_PORT
# if it is same system
iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT
# DROP everything and Log it
iptables -A INPUT -j LOG
iptables -A INPUT -j DROP
</code></pre>
</div>

<div>
here is my squid.conf 
 
just in case :) 

<pre><code class="code-10 nolinks" id="code-286852">#httpd_accel_host virtual
#httpd_accel_port 80
#httpd_accel_with_proxy on
#httpd_accel_uses_host_header oncp su
 
#auth_param basic program /usr/sbin/ncsa_auth /etc/squid/squid_passwd
 
#acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
 
acl no_cache_list src &quot;/etc/squid/no-cache-list.squid&quot;
no_cache deny no_cache_list
 
acl epicentre_42_range src 10.42.42.0/23
acl bad_urls dstdomain &quot;/etc/squid/bad-url-list.squid&quot;
acl good_urls dstdomain &quot;/etc/squid/good-url-list.squid&quot;
#acl bad_ports port &quot;/etc/squid/bad-port-list.squid&quot;
acl good_ports port &quot;/etc/squid/good-port-list.squid&quot;
#acl bad_hosts src &quot;/etc/squid/bad-host-list.squid&quot;
#acl good_hosts src &quot;/etc/squid/good-host-list.squid&quot;
 
acl bad_exts urlpath_regex -i &quot;/etc/squid/bad-ext-list.squid&quot;
#acl bad_exts urlpath_regex -i &quot;http://localhost/bad-ext-list.squid&quot;
deny_info denied bad_urls
deny_info denied bad_exts
http_access deny bad_exts
 
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
 
#http_access deny bad_hosts
#http_access allow good_hosts
http_access deny bad_urls
http_access allow good_urls
#http_access deny bad_ports
http_access allow good_ports
http_access allow epicentre_42_range
http_access allow localhost
 
http_access deny all
 
icp_access allow all
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
 
cache_replacement_policy heap LFUDA
cache_swap_low 90
cache_swap_high 95
maximum_object_size_in_memory 200 KB
cache_mem 100 MB 
memory_pools off
maximum_object_size 10 MB
quick_abort_min 0 KB
quick_abort_max 0 KB
log_icp_queries off
client_db off
buffered_logs on
half_closed_clients off
 
cache_dir aufs /squidcache 800 16 256 
access_log /var/log/squid/access.log squid
log_fqdn on
 
 
acl QUERY urlpath_regex cgi-bin \?
refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern .		0	20%	4320
 
 
acl apache rep_header Server ^Apache
 
 
cache deny QUERY
#broken_vary_encoding allow apache
cache_mgr xavier.hutchinson@epicentre.com.au
dns_nameservers 10.42.42.17 10.42.42.11
coredump_dir /var/cache/squid
</code></pre>
</div>

<div>
<div class="content wysiwyg-content">
Hi all, 
 
Having some trouble with squid and dns resolution, it can take clients anywhere between 3 to 8 seconds to have webdata passed back to their client browsers which i have determined to be squid and it having issues resolving dns quickly. 
 
My resolv.conf file is setup with my domain's dns servers and search param.... 
 
any ideas? 

<pre><code class="code-1 nolinks" id="code-263541">My resolv.conf file:
 
nameserver 10.42.42.17
nameserver 10.42.42.11
search epicentre.internal
</code></pre>
</div>
</div>

Hi all,

Having some trouble with squid and dns resolution, it can take clients anywhere between 3 to 8 seconds to have webdata passed back to their client browsers which i have determined to be squid and it having issues resolving dns quickly.

My resolv.conf file is setup with my domain's dns servers and search param....

any ideas?

DNS speed issue with squid

A Linux distribution is an operating system made as a software collection based on the Linux kernel and, often, on a package management system and are available for a variety of systems. A typical Linux distribution comprises a Linux kernel, GNU tools and libraries, additional software, documentation, a window system (the most common being the X Window System), a window manager, and a desktop environment. Most Linux systems are open-source software made available both as compiled binaries and in source code form, allowing modifications to the original software. Over three hundred distributions are in active development, including commercially backed distributions (such as Fedora, openSUSE and Ubuntu) and community-driven distributions (such as Debian, Slackware, Gentoo and Arch Linux).

Linux Distributions

Linux is a UNIX-like open source operating system with hundreds of distinct distributions, including: Fedora, openSUSE, Ubuntu, Debian, Slackware, Gentoo, CentOS, and Arch Linux. Linux is generally associated with web and database servers, but has become popular in many niche industries and applications.

Linux

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.

Networking

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.