Re: [squid-users] BYPASS UPON FAILURE
On Monday 24 March 2008 03:05:06 Joel Jaeggli wrote: > Amos Jeffries wrote: > > ian j hart wrote: > >> On Sunday 23 March 2008 11:12:22 Amos Jeffries wrote: > >>> Tim Bates wrote: > K K wrote: > > For > > Windows/MSIE the setting can be done automatically by WPAD, DHCP, or > > GPO. For non-microsoft, this needs to be configured manually on each > > client. > > For non-MS browsers you can often still use WPAD (Firefox on Linux for > example can do that still). > You can also get a modified version of Firefox (made by FrontMotion) > that supports GPO for certain settings. > > TB > >>> > >>> The only real trouble with WPAD is that it has never been formally > >>> standardised. > >>> Microsoft products use only the 'obsolete' DHCP methods of WPAD. > >> > >> Are you sure about this? > >> > >> IIRC I'm using only DNS. Which is clunky, but it works. (XP) > > internet exploder will use dns... > > firefox won't without configuration which means effectively half your > users won't. Half of your users maybe; not half of mine. My users get IE, like it or not. This would seem to be a good reason to avoid firefox. Shame. > > The draft expired eons ago (it was expired when I first taught how use > in a workshop in 1999) > > > I'm not 100% on anything to do with WPAD, despite a few months > > experimenting with it and various setups. > > > > I last tried it with XP and 2k running IE 5.5 SP1 and WindowsUpdate > > 3-something or MicrosoftUpdate 1-something. > > > > What versions of IE, WindowsUpdate/MicrosoftUpdate have you seen working > > with WPAD-DNS? > > > >>> Linux/Mac/*BSD products use the easier but non-official DNS methods > >>> of WPAD. > >>> > >>> So you need to configure both methods for it to work properly on the > >>> network for all clients. > >>> > >>> Amos > > > > Amos -- ian j hart
Re: [squid-users] BYPASS UPON FAILURE
On Sunday 23 March 2008 13:28:26 Amos Jeffries wrote: > ian j hart wrote: > > On Sunday 23 March 2008 11:12:22 Amos Jeffries wrote: > >> Tim Bates wrote: > >>> K K wrote: > For > Windows/MSIE the setting can be done automatically by WPAD, DHCP, or > GPO. For non-microsoft, this needs to be configured manually on each > client. > >>> > >>> For non-MS browsers you can often still use WPAD (Firefox on Linux for > >>> example can do that still). > >>> You can also get a modified version of Firefox (made by FrontMotion) > >>> that supports GPO for certain settings. > >>> > >>> TB > >> > >> The only real trouble with WPAD is that it has never been formally > >> standardised. > >> Microsoft products use only the 'obsolete' DHCP methods of WPAD. > > > > Are you sure about this? > > > > IIRC I'm using only DNS. Which is clunky, but it works. (XP) > > I'm not 100% on anything to do with WPAD, despite a few months > experimenting with it and various setups. > > I last tried it with XP and 2k running IE 5.5 SP1 and WindowsUpdate > 3-something or MicrosoftUpdate 1-something. > > What versions of IE, WindowsUpdate/MicrosoftUpdate have you seen working > with WPAD-DNS? Don't have a definitive list but IIRC I've run IE verisions from 4.2? to 6 this way. I can tell you that there are a number of ways to get false negatives. MS seem to break proxy support every time they release a new O/S, O/S service pack, version of IE or IE SP. Wait for follow up patches or SUS/WUS/WSUS updates before updating. The client can mark the proxy as "bad" for 30m at time. http://support.microsoft.com/kb/320507 Turn it off/on can help, i.e. Close all IE, outlook/OE windows Open an IE window Deselect automatically detect... in LAN settings Close the IE window (optionally reboot) Open an IE window Select automatically detect... in LAN settings Try again. That's what I mean by clunky. > > >> Linux/Mac/*BSD products use the easier but non-official DNS methods of > >> WPAD. > >> > >> So you need to configure both methods for it to work properly on the > >> network for all clients. > >> > >> Amos > > Amos -- ian j hart
RE: [squid-users] BYPASS UPON FAILURE
Thanks very much guys... as I mentioned, I am new to this and will therefore try it out with a colleague who knows squid well. Will get back if anything. Thanks once again. -Original Message- From: ian j hart [mailto:[EMAIL PROTECTED] Sent: Sunday, March 23, 2008 3:04 PM To: squid-users@squid-cache.org Cc: Amos Jeffries Subject: Re: [squid-users] BYPASS UPON FAILURE On Sunday 23 March 2008 11:12:22 Amos Jeffries wrote: > Tim Bates wrote: > > K K wrote: > >> For > >> Windows/MSIE the setting can be done automatically by WPAD, DHCP, or > >> GPO. For non-microsoft, this needs to be configured manually on each > >> client. > > > > For non-MS browsers you can often still use WPAD (Firefox on Linux for > > example can do that still). > > You can also get a modified version of Firefox (made by FrontMotion) > > that supports GPO for certain settings. > > > > TB > > The only real trouble with WPAD is that it has never been formally > standardised. > Microsoft products use only the 'obsolete' DHCP methods of WPAD. Are you sure about this? IIRC I'm using only DNS. Which is clunky, but it works. (XP) > Linux/Mac/*BSD products use the easier but non-official DNS methods of > WPAD. > > So you need to configure both methods for it to work properly on the > network for all clients. > > Amos -- ian j hart
Re: [squid-users] BYPASS UPON FAILURE
Amos Jeffries wrote: ian j hart wrote: On Sunday 23 March 2008 11:12:22 Amos Jeffries wrote: Tim Bates wrote: K K wrote: For Windows/MSIE the setting can be done automatically by WPAD, DHCP, or GPO. For non-microsoft, this needs to be configured manually on each client. For non-MS browsers you can often still use WPAD (Firefox on Linux for example can do that still). You can also get a modified version of Firefox (made by FrontMotion) that supports GPO for certain settings. TB The only real trouble with WPAD is that it has never been formally standardised. Microsoft products use only the 'obsolete' DHCP methods of WPAD. Are you sure about this? IIRC I'm using only DNS. Which is clunky, but it works. (XP) internet exploder will use dns... firefox won't without configuration which means effectively half your users won't. The draft expired eons ago (it was expired when I first taught how use in a workshop in 1999) I'm not 100% on anything to do with WPAD, despite a few months experimenting with it and various setups. I last tried it with XP and 2k running IE 5.5 SP1 and WindowsUpdate 3-something or MicrosoftUpdate 1-something. What versions of IE, WindowsUpdate/MicrosoftUpdate have you seen working with WPAD-DNS? Linux/Mac/*BSD products use the easier but non-official DNS methods of WPAD. So you need to configure both methods for it to work properly on the network for all clients. Amos Amos
Re: [squid-users] BYPASS UPON FAILURE
ian j hart wrote: On Sunday 23 March 2008 11:12:22 Amos Jeffries wrote: Tim Bates wrote: K K wrote: For Windows/MSIE the setting can be done automatically by WPAD, DHCP, or GPO. For non-microsoft, this needs to be configured manually on each client. For non-MS browsers you can often still use WPAD (Firefox on Linux for example can do that still). You can also get a modified version of Firefox (made by FrontMotion) that supports GPO for certain settings. TB The only real trouble with WPAD is that it has never been formally standardised. Microsoft products use only the 'obsolete' DHCP methods of WPAD. Are you sure about this? IIRC I'm using only DNS. Which is clunky, but it works. (XP) I'm not 100% on anything to do with WPAD, despite a few months experimenting with it and various setups. I last tried it with XP and 2k running IE 5.5 SP1 and WindowsUpdate 3-something or MicrosoftUpdate 1-something. What versions of IE, WindowsUpdate/MicrosoftUpdate have you seen working with WPAD-DNS? Linux/Mac/*BSD products use the easier but non-official DNS methods of WPAD. So you need to configure both methods for it to work properly on the network for all clients. Amos Amos -- Please use Squid 2.6STABLE17+ or 3.0STABLE1+ There are serious security advisories out on all earlier releases.
Re: [squid-users] BYPASS UPON FAILURE
On Sunday 23 March 2008 11:12:22 Amos Jeffries wrote: > Tim Bates wrote: > > K K wrote: > >> For > >> Windows/MSIE the setting can be done automatically by WPAD, DHCP, or > >> GPO. For non-microsoft, this needs to be configured manually on each > >> client. > > > > For non-MS browsers you can often still use WPAD (Firefox on Linux for > > example can do that still). > > You can also get a modified version of Firefox (made by FrontMotion) > > that supports GPO for certain settings. > > > > TB > > The only real trouble with WPAD is that it has never been formally > standardised. > Microsoft products use only the 'obsolete' DHCP methods of WPAD. Are you sure about this? IIRC I'm using only DNS. Which is clunky, but it works. (XP) > Linux/Mac/*BSD products use the easier but non-official DNS methods of > WPAD. > > So you need to configure both methods for it to work properly on the > network for all clients. > > Amos -- ian j hart
Re: [squid-users] BYPASS UPON FAILURE
Tim Bates wrote: K K wrote: For Windows/MSIE the setting can be done automatically by WPAD, DHCP, or GPO. For non-microsoft, this needs to be configured manually on each client. For non-MS browsers you can often still use WPAD (Firefox on Linux for example can do that still). You can also get a modified version of Firefox (made by FrontMotion) that supports GPO for certain settings. TB The only real trouble with WPAD is that it has never been formally standardised. Microsoft products use only the 'obsolete' DHCP methods of WPAD. Linux/Mac/*BSD products use the easier but non-official DNS methods of WPAD. So you need to configure both methods for it to work properly on the network for all clients. Amos -- Please use Squid 2.6STABLE17+ or 3.0STABLE1+ There are serious security advisories out on all earlier releases.
Re: [squid-users] BYPASS UPON FAILURE
K K wrote: For Windows/MSIE the setting can be done automatically by WPAD, DHCP, or GPO. For non-microsoft, this needs to be configured manually on each client. For non-MS browsers you can often still use WPAD (Firefox on Linux for example can do that still). You can also get a modified version of Firefox (made by FrontMotion) that supports GPO for certain settings. TB
Re: [squid-users] BYPASS UPON FAILURE
On 3/22/08, Sadiq Walji <[EMAIL PROTECTED]> wrote: > When squid fails, all the users cannot browse and we have to manually stop > squid to bypass it. Is there any way/feature that enables to bypass squid > automatically if and when it fails or has some problems? Yes, use a PAC (Proxy Automatic Configuration) set in the browser. http://wiki.squid-cache.org/Technology/ProxyPac The PAC script instructs the browser wat explicit (non-transparent) proxy or proxies to use, and can fall back to DIRECT. For Windows/MSIE the setting can be done automatically by WPAD, DHCP, or GPO. For non-microsoft, this needs to be configured manually on each client. PAC is supported in all modern graphical browsers. Kevin
Re: [squid-users] BYPASS UPON FAILURE
Sadiq Walji wrote: Hello, I am new to squid and we have squid caching running on a server for users and have a query as follows: When squid fails, all the users cannot browse and we have to manually stop squid to bypass it. Is there any way/feature that enables to bypass squid automatically if and when it fails or has some problems? Which squid version are you running? 2.6+ restart themselves as best they can after fatal but temporary errors. If you are having a problem that is so fatal squid dies long-term that problem needs to be found and fixed. Amos -- Please use Squid 2.6STABLE17+ or 3.0STABLE1+ There are serious security advisories out on all earlier releases.
