[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1006375: debian-edu-config: squid very slow due to IPv6-lookups being done first, and only then IPv4

Package: debian-edu-config
Severity: important
Version: 2.12.17
Control: found -1 2.11.56+debu3

Debian Edu is not yet really IPv6-ready. That is another topic and should be discussed elsewhere. Maybe for some people, Debian Edu works perfectly on IPv6 and I don't know that yet, please let us know your experiences on the Debian Edu mailing list. Thanks. (Don't Cc: such discussion replies to the bug report's mail address, please).

However, here current Debian Edu work best if IPv4 connections (and DNS lookups) are preferred over IPv6 connections and lookups.

In Squid, I made the observation today that squid tries to do an IPv6 lookup for a URL first and if that fails, it retries via IPv4. This seems to work ok for Debian Edu networks where TJENER does not have a public IPv6 address. However, in my customer's setup [1], loading a complex website page via squid takes ages with this. Esp. if the squid proxy is under medium to heavy load by other users on the network.

So, long story cut short, squid tries to route http(s) requests (hostname/path queries, basically) over IPv6 first and falls back as second choice to IPv4. This takes a bit of extra time for each URL to be loaded. IMHO, this should be avoided, IPv4 should be preferred in squid. Not only on this one customer setup, but in general it seems (as the whole Debian Edu design currently is 'IPv4-first' or rather 'IPv4-only'.

So, I'd like to add (and this extra config line fixed the issue on the customer site)

  dns_v4_first on

to /etc/squid/conf.d/debian-edu.conf

Objections? Other opinions???


[1] In this customer setup TJENER has two network interfaces (a .intern network and a .backbone network). The .backbone network is for WiFi APs being able to access FreeRadius on TJENER (the WiFi APs are not on the .intern network but on a separate management network). And TJENER here as a public IPv6 address on the .backbone network's NIC (eth1 here).


c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

Attachment: pgpdXq94R5XhS.pgp
Description: Digitale PGP-Signatur

Reply to: