Can squid forward DNS queries to a DNS server?

pravin · Apr 11, 2010

This might be something completely impossible to achieve, but before I give it a shot I thought I might get some advice from a fellow geek. Would squid proxy DNS queries as well? I would like to forward DNS queries to go through squid and use squid's DNS error page, of course by customizing it. I see the DNS queries are hitting my squid box on UDP port 53. I can set up a port forwarding so that all these queries get sent to squid's port 3128. But would squid understand it's a DNS query and forward those queries to the DNS server set in squid.conf? I hope my question is clear but please shout up and I would be glad to give you some more info if needed. Thanks guys!

Answer

benc · Apr 21, 2010

Looking at "What is Squid?":

Squid is not a DNS proxy. It does some local DNS caching for its own purposes.

"Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests."

One way to think about it is that as a "web" proxy, Squid lives in the application layer. TCP connections (and UDP datagrams) cannot simply be passed around as they would in lower levels. Applications must understand the protocol that comes out of the end-point, and that typically means that their functionality can be described as a white-list of protocols:

"Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects."

In short, your question was: "...would squid understand it's a DNS query and forward those queries to the DNS server set in squid.conf?"

Squid might listen to UDP (I didn't check this), but even if it did, it would not understand the inbound DNS traffic.
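An added example, not part of the original answer and not Squid's code: it builds a DNS query in RFC 1035 wire format and shows that an HTTP request-line check rejects it, which is the application-layer mismatch described above. The function names, the simplified request-line regex and the sample query are assumptions constructed for illustration.

```python
import re
import struct

# Simplified HTTP/1.x request line: METHOD SP request-target SP HTTP/x.y
# (an assumption for illustration, not Squid's actual parser)
REQUEST_LINE = re.compile(rb"^[A-Z]+ \S+ HTTP/\d\.\d\r?\n")

def build_dns_query(name, qtype=1, txid=0x1234):
    """Constructed sample: RFC 1035 query for `name` (QTYPE 1 = A, class IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_dns_question(payload):
    """Return (txid, name, qtype) for a single-question DNS query, else None."""
    if len(payload) < 12:
        return None
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", payload[:12])
    if flags & 0x8000 or qdcount != 1 or ancount != 0:  # QR bit set means response
        return None
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            return None
        length = payload[pos]
        pos += 1
        if length == 0:  # root label ends the name
            break
        if length > 63 or pos + length > len(payload):  # rejects pointers and overruns
            return None
        labels.append(payload[pos:pos + length].decode("ascii", "replace"))
        pos += length
    if pos + 4 > len(payload):
        return None
    qtype, _qclass = struct.unpack("!HH", payload[pos:pos + 4])
    return txid, ".".join(labels), qtype

def classify(payload):
    """Report which application-layer parser, if any, accepts these bytes."""
    if REQUEST_LINE.match(payload):
        return "http"
    if parse_dns_question(payload) is not None:
        return "dns"
    return "unknown"
```

The query starts with a binary transaction ID and flags rather than a method token, so a parser expecting an HTTP request line has nothing to work with; a DNS-aware forwarder or resolver is the component that can parse and relay these datagrams.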