vollkom...@gmx.net wrote:
-------- Original-Nachricht --------
1. DNS lookups fail completely. 204.127.198.4 is among a handful of
external DNS servers I use, whether defined as dns_nameservers in
squid.conf or picked by squid automatically from /etc/resolv.conf:
2009/05/20 21:44:49| comm_udp_sendto: FD 8, (family=2) 204.127.198.4:53:
(22) Invalid argument
2009/05/20 21:44:49| idnsSendQuery: FD 8: sendto: (22) Invalid argument
2009/05/20 21:46:10| comm_set_tos: setsockopt(IP_TOS) on FD 7: (22)
Invalid argument
Is IPv6 dual-stack enabled in your OS? it looks like the v6 sockets are
unable to do the v4-mapping they need to handle v4 traffic.
I find it a bit weird that setting TOS also fails, its one of the older
functionality and shared between both IP protocols.
I'd think so. I'm using 6to4, if that matters. Here's the snippet from
config.log:t
configure:25519: checking whether to enable IPv6
configure:25534: result: yes
configure:25548: checking if PF_INET6 is available
configure:25583: g++ -o conftest -g -O2 -g conftest.cpp >&5
configure:25587: $? = 0
configure:25593: ./conftest
configure:25597: $? = 0
configure:25599: result: yes
configure:25624: result:
configure:25643: checking for IPv6 split-stack requirement
configure:25666: result: no
configure:25672: checking for sin6_len field in struct sockaddr_in6
configure:25703: g++ -c -g -O2 conftest.cpp >&5
configure:25710: $? = 0
configure:25727: result: yes
...
#define USE_IPV6 1
#define IPV6_SPECIAL_V4MAPPED 1
#define IPV6_SPECIAL_SPLITSTACK 0
Here's cache.log with debug_options 0,5 78,9:
2009/05/20 23:36:23.570| idnsALookup: buf is 36 bytes for www.ipv6.sixxs.net,
id = 0x7fca
2009/05/20 23:36:23.570| comm_udp_sendto: FD 7, (family=2) 18.70.0.160:53: (22)
Invalid argument
2009/05/20 23:36:23.570| idnsSendQuery: FD 7: sendto: (22) Invalid argument
2. Does that above have anything to do with the failure to apply this
patch?
patch -p0 < b9691.patch
patching file src/dnsserver.cc
Hunk #1 FAILED at 427.
Hunk #2 FAILED at 436.
2 out of 2 hunks FAILED -- saving rejects to file src/dnsserver.cc.rej
I hope not. That patch does not alter anything functionally and is
internal to the obsolete dnsserver helper.
3. I see the following in cache.log. I realize they're warnings, but is
there any way to make squid "happy"? I thought the slash format is a
CIDR
mask.
WARNING: Netmasks are deprecated. Please use CIDR masks instead.
WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6
to
IPv4 ranges.
squid.conf:
acl sitelocalsrc src fec0::/48
acl linklocalsrc src fe80::/64
The conf is correct, if the warnings are appearing on that line something
has definitely broken.
Tomorrow is my actually scheduled day for squid maintenance. I will have
to look at these closer after the maintenance work.
Amos
Turns out my previous conjecture was wrong. Those warnings appear even after
I've commented out all the IPv6 bits in the ACLs. Here' the complete lines from
cache.log, in case it matters:
2009/05/20 23:46:02| WARNING: Netmasks are deprecated. Please use CIDR masks
instead.
2009/05/20 23:46:02| WARNING: IPv4 netmasks are particularly nasty when used to
compare IPv6 to IPv4 ranges.
2009/05/20 23:46:02| WARNING: For now we assume you meant to write /12
2009/05/20 23:46:02| WARNING: Netmasks are deprecated. Please use CIDR masks
instead.
2009/05/20 23:46:02| WARNING: IPv4 netmasks are particularly nasty when used to
compare IPv6 to IPv4 ranges.
2009/05/20 23:46:02| WARNING: For now we assume you meant to write /12
Sorry I didn't get to this a few days ago.
Are you using the default squid.conf that gets built with 3.1 or an
altered version?
Problem #3 will show up for some settings even though there is not yet
any other way to do them than netmasks. So it needs to be looked at but
in some cases can be ignored.
Problem #1, I'm still thinking about.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE15
Current Beta Squid 3.1.0.8 or 3.0.STABLE16-RC1
