Squid proxy IPv4 fallback

Started by schnipp, May 04, 2020, 02:26:56 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 04, 2020, 02:26:56 PM
Hi everybody,

besides filtering I use the squid proxy in opnsense for IP address translation (LAN: IPv4 only --> WAN: IPv4/IPv6). In general squid prefers IPv6 over IPv4 which works fine, so far. So, in case the DNS resolves an IPv4 and IPv6 address for accessing a server squid tries to use the IPv6 address. But, when the server is not responding squid automatically performs a fallback to IPv4.

In its standard configuration the timeout for fallback is 60 seconds. This is too long because the firefox (and maybe some other browsers) have a shorter request timeout. Thus, the fallback will never occur, provided that the timout in squid is configured with a lower value.

By adding the following line to the squid configuration, the fallback works fine:

Code Select

connect_timeout 7 seconds


Maybe, you can add a configuration field to override the standard timeout?

Thanks.

OPNsense 24.7.11_2-amd64
May 07, 2020, 04:24:42 PM #1
Feature request added to github: https://github.com/opnsense/core/issues/4092
OPNsense 24.7.11_2-amd64
Print
Go Up Pages1
User actions