[TCLUG] Squid and netbios resolution

Wed Dec 22 15:42:24 CST 2004

I've got this same problem, although I haven't spent any time on it yet - 
I've hashed out a few ideas, but I still need to research it a little 
more...

General concensus is that you don't want to have squid doing DNS 
resolution when writing the logs, since it could cause performance 
problems (the lookups could cause a significant delay).  Even running a 
local DNS server that's authorative for the zone, if named dies or 
anything bad happens, web requests lose.  This is the mindset I seemed to 
get from reading through squid-users.

I've been thinking of a few different solutions to this.  Like you said, 
stale data is a problem - if the log analyzer runs daily, there is a good 
chance that things have changed since the log was written.

I think the simplest solution would be to have named running on the squid 
server, and have it secondary the zone from the primary (or whatever 
Microsoft calls this...).  But the Squid source will probably have to be 
hacked to do the DNS lookup - I don't remember seeing any options for 
turning this on.  Although someone may have already written a patch for 
this.  But this could still be too slow - I won't know until I test it. 
And again, if named failes, we lose.

In any case, I was going to try this and benchmark performance to see if 
it was feasible.  I just need to confirm that MS DNS can do NOTIFY, and 
then get the DNS dude to replicate the zone to me (Ugh, I guess I do know 
the MS term).

My other idea also involved slaving the DNS zones, but coming up with some 
hack so that I could keep an archive of changes based on date and time. 
Like a binary log or even a database.  Then write a replacement for the 
DNS lookup function in the analyzer, so it consults my record of IP 
changes, so it would lookup the IP and timestamp, rather than just the IP.

The lookup function would basically say, find the most recent change for 
this IP that occured before this timestamp.

On Wed, 22 Dec 2004, Chris Smith wrote:

> Hi,
>
> I've got dynamic internal DNS which works. Ie, I can dig, and nslookup and
> ping via hostname from my linux boxes to lookup my xp clients. I am trying
> to get squid to resolve the IP's it has in its log file (or the reporting
> tool to do so I suppose, though that could be stale). I can't seem to figure
> this one out.
> Does anyone have this working, and if so could I see a squid.conf example?
>
> TIA
> Chris
>
>
> _______________________________________________
> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> Help beta test TCLUG's potential new home: http://plone.mn-linux.org
> Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery
> tclug-list at mn-linux.org
> https://mailman.real-time.com/mailman/listinfo/tclug-list
>

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
Help beta test TCLUG's potential new home: http://plone.mn-linux.org
Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery
tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list