> dig +recurse +additional +authority +notrace A google.com.au > (which I freely admit I could be using wrong, or my upstream > ncsd server > on the host I am on now and exhibited these problems before, > could be silly)
I think it would be highly unlikely that google would be advertising a dead server in its DNS for months. I would look at your DNS more closely than squid. My guess is that it (or your ISPs DNS) is not expiring the old record correctly, but you'll need to check each point involved in DNS to find where the issue is. IIRC some US ISPs are known for breaking DNS caching rules, presumably to reduce the load on their DNS. Perhaps squid could perform more cleverly in the event of a failure of this type, but to me that would be providing a band-aid to the underlying problem. ># tcpdump dst port 80 >... >23:15:39.943113 IP scuzzie-home.42682 > ro-in-f104.google.com.www: SWE >1063381097:1063381097(0) win 5840 <mss 1460,sackOK,timestamp 69844178 >0,nop,wscale 7> I think 'tcpdump port 80' would be better so you can also see any responses that may come from the webserver, which will be source port 80. Hopefully squid is clever enough to try the next IP if it recieves a reset. From the timestamps I'm guessing nothing is coming back.
