Squid_ The Definitive Guide - Duane Wessels [169]
"Could not determine fully qualified hostname"
FATAL: Could not determine fully qualified hostname. Please set 'visible_hostname'
You'll see this if Squid can't figure out its own fully qualified domain name. Here is the algorithm Squid uses:
If you told Squid to bind the HTTP port to a specific interface address, Squid attempts a reverse DNS lookup of that address. If successful, the answer is used.
Squid calls the gethostname( ) function, and then attempts to resolve its IP address with gethostbyname( ). If successful, Squid uses the official hostname string returned by the latter function.
If neither technique works, Squid exits with the fatal message shown earlier. In this case, you must tell Squid its hostname with the visible_hostname directive. For example:
visible_hostname my.host.name
"DNS name lookup tests failed"
By default, Squid makes a few DNS queries before starting. This ensures that your DNS servers are reachable and functioning properly. If these tests fail, you'll see the following message in cache.log and/or syslog:
FATAL: ipcache_init: DNS name lookup tests failed
If you use Squid on an intranet, Squid may be unable to query its standard list of hostnames. You can specify your own hostnames with the dns_testnames directive. Squid considers the DNS test successful as soon as it receives any reply.
If you want to skip the DNS tests altogether, simply use the -D command-line option when starting Squid:
% squid -D ...
"Illegal character in hostname"
urlParse: Illegal character in hostname 'super_bikes.tripod.com'
By default, Squid checks the characters in the hostname part of URLs and complains if it finds nonstandard characters. According to RFCs 1034 and 1035, names must consist of the letters A-Z, the digits 0-9, and a hyphen (-). The underscore (_) is one of the most problematic characters.
Squid validates hostnames because, in some cases, DNS resolvers behave differently with respect to illegal characters. For example:
% host super_bikes.tripod.com
super_bikes.tripod.com has address 209.202.196.70
% ping super_bikes.tripod.com
ping: cannot resolve super_bikes.tripod.com: Unknown server error
Rather than return the Unknown server error message, Squid checks the hostname first. It can then tell the user when the hostname contains illegal characters.
Some DNS resolvers do work with underscores and other nonstandard characters. If you'd prefer that Squid not check hostnames, use the —disable-hostname-checks option when running ./configure. If you want to allow underscores as the only exception, use the —enable-underscores option.
"Running out of filedescriptors"
WARNING! Your cache is running out of filedescriptors
The above message appears when Squid uses up all available file descriptors. If this happens under normal conditions, you need to increase the kernel's file-descriptor limits and recompile Squid. See Section 3.3.1.
You might also see this message if Squid is the target of a denial-of-service attack. Someone may be intentionally, or unintentionally, sending Squid hundreds or thousands of requests at once. If this is the case, you can probably add a packet-filtering rule to block incoming TCP connections from the offending address(es). If the attack is distributed or using a spoofed source address, you'll have a harder time stopping it.
Forwarding loops (see Section 10.2) might also consume all of Squid's file descriptors, but only if Squid can't detect the loop. The Via header contains the hostname of all proxies that have seen a particular request. Squid looks for its own hostname in the header, and, if found, reports the loop. If, for some reason, the Via header is filtered from outgoing or incoming HTTP requests, Squid can't detect the loop. In this case, all file descriptors are quickly consumed by the same request going through Squid over and over.
"icmpRecv: Connection refused"
You'll see the following message if the pinger program isn't correctly installed:
icmpRecv: recv: (61) Connection refused
Most