Is there a way to configure squid 3.5.1 to use TCP for DNS lookups?
I've setup up the proxy server to use TCP for lookups by adding "options tcp" to my /etc/resolv.conf, but squid seems to be doing its own thing.
Asked
Active
Viewed 1,324 times
0
-
How did you get the idea that `options tcp` would do anything? I see no mention of `tcp` anywhere in `man resolv.conf`, and I didn't find a single program using TCP for DNS lookups even with that option. – kasperd Aug 23 '15 at 10:26
-
@kasperd you're probably a Linux user - I thought I mentioned I was on OpenBSD, but apparently not. – oz10 Aug 24 '15 at 20:34
1 Answers
1
Use your firewall to reject (not drop) UDP packets from squid. It'll soon get the message. I do wonder why on earth you'd want to do this, though.
womble
- 96,255
- 29
- 175
- 230
-
It shouldn't have to "get the message" I should be able to do this using configuration. – oz10 Aug 08 '15 at 19:03
-
1@paxos1977 You can if you [recompile squid](http://wiki.squid-cache.org/Features/Dnsserver). But that doesn't answer the question of why you are trying to do this. It's a Very Bad Idea. At least, it's a bad idea if you have to handle the "The internet is slow" calls... – Michael Hampton Aug 08 '15 at 20:48
-
1
-
-
-
2 close votes for off topic. How is asking a question about squid configuration off topic for a sysadmin website? – oz10 Aug 09 '15 at 23:37
-
@paxos1977 Of course it's not my concern. It's your concern! I asked _solely_ in order to understand your situation better in hopes of finding a better answer for you. If you don't want to explain, then you certainly are not obligated to do so. But you're unlikely to get a good solution without doing so. – Michael Hampton Aug 09 '15 at 23:39
-
@Michael Hampton I appreciate your wanting to understand the scenario better, but it really doesn't get any clearer than as stated in the question. Can I configure squid to do this or not? The answer appears to be no. – oz10 Aug 09 '15 at 23:54