On 12/06/2014 5:05 a.m., Mark jensen wrote: > > > Hello > > we all know that access.log file logs the access Info of Squid, something > like that: > 125213512.746 41762 192.168.1.17 .............. > 125213513.746 47616 192.168.1.18 .............. > > > MY local DNS server has records like this ( in its revers zone > (1.168.192.in-addr.arpa)): > > $TTL 60 ; 1 minute > 17 PTR Mark > 18 PTR Mike > > I have managed to make this record in the access.log file (using the option > "log_fqdn on" and by changing the log format): > > 125213512.746 41762 192.168.1.17 .............. > > to be something like that: > > 125213512.746 41762 192.168.1.17 Mark .............. > > the problem is that the DNS records keep changing ( something like that ): > > $TTL 60 ; 1 minute > 17 PTR Karl > 18 PTR Mike > > and > > $TTL 60 ; 1 minute > 17 PTR Paul > 18 PTR Mike > > and so on ...... > > but the squid keep resolving the IP as "Mark", so I guess that Squid use the > cached look up so what ever "Mark" change in DNS zone it keeps it "Mark" > > My questions are: > > 1) what is the option who makes Squid cache looks up ?
The "$TTL 60 ; 1 minute" in the DNS server configuration tells Squid and a other software looking up the DNS that the record delivered is to be cached for 60 seconds. > 2) how to stop this option and make Squid keeps ask the DNS and ignore the > cache looks up? Configure DNS correctly to match the update frequency for the zone. If that is real-time then the zone TTL needs to be close to 0 and you will need to lower http://www.squid-cache.org/Doc/config/negative_dns_ttl/ appropriately to match the supeer-low TTL. Note that it is BAD practice to change a zone file entry more often than *daily*. Reseting PTR records every 1 minute or less will screw up in a great many systems, Squid is just one. Amos
