Re: [squid-users] 3.4.0.1 dnsreq statistics question

Wed, 31 Jul 2013 07:57:51 -0700 

On 1/08/2013 12:56 a.m., Ralf Hildebrandt wrote:

* Ralf Hildebrandt <ralf.hildebra...@charite.de>:


Nameservers:
IP ADDRESS                                     # QUERIES # REPLIES Type
---------------------------------------------- --------- --------- --------
224.0.0.251                                      122256         0  multicast

Huh? The numbers account for what I'm seeing in my graphs.
And indeed, I'm seeing queries on the net:

% tcpdump -i eth1 host 224.0.0.251
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes

14:41:00.546196 IP proxy-cvk-2-e.charite.de.49093 > 224.0.0.251.mdns: 44683+ 
PTR (QM)? 234.129.89.95.in-addr.arpa. (44)
14:41:00.546796 IP proxy-cvk-2-e.charite.de.49093 > 224.0.0.251.mdns: 15065+ 
PTR (QM)? 234.129.89.95.in-addr.arpa. (44)
14:41:00.879966 IP proxy-cvk-1-e.charite.de.50277 > 224.0.0.251.mdns: 38706+ 
PTR (QM)? 139.203.238.77.in-addr.arpa. (45)
14:41:00.880286 IP proxy-cvk-1-e.charite.de.50277 > 224.0.0.251.mdns: 3929+ PTR 
(QM)? 139.203.238.77.in-addr.arpa. (45)

So what we are seeing here are two proxies querying IP addresses
(client IP addresses?) using mDNS. But why?
Oh. Sorry I had forgotten .arpa. The mDNS spec simply says all rDNS should go through mDNS as well so local servers are able to respond with their hostnames if any of their IPs are requested. 



I don't have avahi running at all.

proxy-cvk-1-e.charite.de.50277 points to squid:

# netstat -tulpen |grep 50277
udp        0      0 0.0.0.0:50277           0.0.0.0:*       13         
1393747784  7832/squid

According to the release notes:

There is no additional or special configuration required. The
multicast DNS group IP addresses for IPv4 and IPv6 resolving are added
to the set of available DNS resolvers and used automatically for
domain names ending in .local before attempting a secondary resolution
on the configured resolvers. Domains without .local are resolved using
only the configured DNS resolvers.

Hm, so everything is working as expected. Can it be turned off?


Not in the current release.
Here is a patch which enables that and some extra details in the idns report: 
http://treenet.co.nz/projects/squid/patches/mdns_configurable_mk1.patch

Amos

Reply via email to