Squid dns configuration problems

Recently, it was found that the dnsserver configuration of squid server could not take effect. You need to manually restart all Squids. Today, we checked that squid's support for dns is like this: 1. If dnsserver sends a domain name with ttl, the ttl prevails. Generally, dnsserver supports ttl. Now, the default ttl of my dnsmasq is 0.

Recently, squ was modified.IdAfter the dns server configuration of the server fails, you need to manually restart all Squids. Today, we checked that squid's support for dns is as follows:

1. If the dns server sends a domain name with ttl, the ttl prevails. Generally, the dns server supports ttl. The default ttl of my dnsmasq is 0.

2. If the dns server does not send ttl (ttl = 0), squid is based on its own configuration positive_dns_ttl. The default value of this configuration is 6 hours.

3. A negative_dns_ttl configured in the original squid indicates that the configuration is incorrect. This configuration indicates how long it will take for squid to re-Fetch the domain name if it cannot be obtained (an error occurs.

I used to configure negative_dns_ttl when positive_dns_ttl is not configured for both positive_dns_ttl and dns server. In this case, squid is based on the default positive_dns_ttl, that is, 6 hours, this time is too long for web servers. The solution is to change the ttl of the dns server to 60.
Seconds, squid configuration is not modified. Because it is also possible to directly modify the positive_dns_ttl configuration item of squid.

Some friends may use bind for dns. The default ttl of bind may not be 0. Therefore, if positive_dns_ttl is invalid, you can modify the ttl value.

Appendix: How to check the dns server ttl value

On a linux machine, modify/etc/resolv. conf to direct the dns to be tested, and then execute

Dig test.com

If the dns can parse test.com, a series of data will be returned, one of which indicates the ttl value.