RE: [squid-users] Resolution query

From: Elsen Marc <[email protected]>
Date: Mon, 14 Feb 2005 12:58:15 +0100

 
> Hi all
>
> I've got a small problem that I'm hoping that someone can
> help with. Our
> squids work just fine, doing what they do best. But!
>
> We have a project to ease a little of our WAN traffic by
> putting a squid
> connected to an ADSL at some outlying sites with poor WAN
> connections to
> allow certain URLs direct access from the site via the ADSL.
> All other
> requests will be forwarded to the parent proxies here at head office.
>
> All of our clients use IE and currently are configured not to
> use a proxy
> for local addresses but for routing purposes it would be
> beneficial to pass
> all http traffic through the proxy. I've been doing some
> tests and I cannot
> get sites like http://intranet (the default home page) to
> work. I just get
> the "Unable to determine IP address from host name for
> intranet" page come
> up.
>
> The servers can resolve the address at OS level and the squid
> reports on
> startup that it is using the two internal DNS servers
> resolv.conf. I added
> the acl:
>
> acl Internal dst 10.0.0.0/8
> always_direct allow Internal
>
> This didn't seem to help. From what I have read, using
> "dstdom" instead of
> "dst" wouldn't work because there isn't a domain to put in...
>
> If I add "append_domain salvesen.com" to the squid.conf then
> it works but
> causes other issues which some users may find unacceptable.
> For example, if
> I attempt to access webmail (Domino iNotes) at
> http://mymailserver/mail/mymailfile.nsf, firstly I am prompted for my
> username and password and then the URL gets rewritten as
> http://mymailserver.salvesen.com/mail/mymailfile.nsf and am
> again prompted
> to authenticate. Since many of our technophobe directors use webmail
> extensively due to travelling a lot, we would probably get
> many complaints
> about this from people who have loud voices...
>
> Can anybody suggest a workaround to allow the squid to
> resolve domain-less
> sites?
>
 
The workaround is to use the "append_domain" directive as you already know,
and this is the only workaround for this issue.
This mailserver access problem, can be rippled out on the long term,
by suggesting and or providing bookmarks for users using important Intranet
services including FQDN names for server(s)/service(s).

M.
Received on Mon Feb 14 2005 - 05:00:37 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST