bind and squid transparent mode resolve issues(BUG?)

periko

Hi.

I have been having issues with squid transparent mode and Bind.

I setup bind using forwarders on and off.

The most notable issue is google sites :

This site can’t provide a secure connection www.google.com sent an invalid response.
Try running Windows Network Diagnostics.
ERR_SSL_PROTOCOL_ERROR

But this message start appearing on different sites like gandi.net, ebay, amazon.

If I use pf resolver no problem, just went I use Bind, firefox, chrome, iexplore same issue, looks is not client side issue.

If I test inside windows box with nslookup tool it resolve all those domains without issues.

Anyone with the same situation and how to resolve?

Running pfsense 2.4.4_p2, thanks.

periko

I had been checking this issue.

For some reason once I enable and setup BIND, the file:

/etc/resolv.conf

and add the line:

nameserver 127.0.0.1

squid resolver start working.

Don't know why that line disappear, I chose LAN+localhost in the BIND GUI.

The other way is to add the localhost in squid alternate dns "127.0.0.1" and works to.