Which domain to set instead of "example.com" when setting up proxy autoconfig?



  • It is said here https://doc.pfsense.org/index.php/WPAD_Autoconfigure_for_Squid that to configure proxy autoconfig, one should map

    wpad.example.com

    to the IP address of web server, containing wpad.dat.

    But what to write instead of "example.com"? I am at home LAN and don't have any domain.


  • Banned

    The one you configured in System - General.



  • How can this affect the behavior of clients?

    This configuration should respond on clients searching proxy autoconfig via DNS, by why would they search some text from this config?


  • Banned

    You need to configure DNS and DHCP servers for this, obviously. Also noted in the GUI.



  • DNS and DHCP are configured.

    But how the domain name reaches the client?


  • Banned



  • In system -> general setup, domain name. that is the domain which will end up in wpad. Assuming domain name is set to "dims.localnet" (do not use .local - if  you have a registered domain name then use a subdomain of that, eg: "dimsnetwork.dims.com") and the wpad server is "wpad-web", the domain name is "wpad-web.dims.localnet".  Dhcp will push this domain name to clients by default.
    if you have a pc named main-pc. the full hostname name should be resolvable by "main-pc.dims.localnet"



  • If some client has static IP address, i.e. not using DHCP, how can it know it's domain name then?



  • Once more.

    The client, willing to autoconfigure it's proxy, should query wpad.dat file from some URL.

    For example, this can be http://wpad.dimsnetwork.dims.com/wpad.dat

    How this client would KNOW this URL?

    How it would know, what to put between http://wpad. and /wpad.dat?

    If you say, that this text comes with DHCP, then this means, that client with static IP can't autoconfigure proxy, right?


  • Banned

    @dims:

    If you say, that this text comes with DHCP, then this means, that client with static IP can't autoconfigure proxy, right?

    No, wrong. That's what the DNS is for. Now, kindly use the fine Google or the search feature here on the forum.



  • How this client would KNOW this URL?

    It's either configured manually on the client or received from the DHCP server.  If you have a bunch of subdomains, add extra DNS records to handle resolving wpad.sub.domain.com to your wpad server.



  • @dims:

    Once more.

    The client, willing to autoconfigure it's proxy, should query wpad.dat file from some URL.

    For example, this can be http://wpad.dimsnetwork.dims.com/wpad.dat

    How this client would KNOW this URL?

    How it would know, what to put between http://wpad. and /wpad.dat?

    If you say, that this text comes with DHCP, then this means, that client with static IP can't autoconfigure proxy, right?

    Client would query in certain order - wpad, if failed, then wpad.dimsnetwork.dims.com
    it would append the dimsnetwork.dims.com from the search domains listed when you setup static dns on the client. you can also override dns server so that wpad. always returns a a local ip.
    Wpad ain't nothing difficult, it's relatively straightforward to configure, so try it.



  • @doktornotor:

    kindly use the fine Google or the search feature here on the forum.

    I did but didn't find an answer. Can you post it here please? You can use lmgtfy if you wan't, but result SHOULD contain an answer, but not general words on the topic.



  • @KOM:

    It's either configured manually on the client or received from the DHCP server.  If you have a bunch of subdomains, add extra DNS records to handle resolving wpad.sub.domain.com to your wpad server.

    Suppose, I didn't configure domain manually but configured IP manually, i.e. not using DHCP. This means WPAD won't work then?



  • @dims:

    Suppose, I didn't configure domain manually but configured IP manually, i.e. not using DHCP. This means WPAD won't work then?

    As described in draft RFC about WPAD and also in RFC3040, DHCP is only one mechanism tat can be used, client side, to find proxy.pac file.
    Other mechanism exist and some should be implemented if you want to ensure that most clients benefit from WPAD.

    The resource discovery mechanisms utilized by WPAD are as follows:
          *  Dynamic Host Configuration Protocol DHCP
          *  Service Location Protocol SLP
          *  "Well Known Aliases" using DNS A records
          *  DNS SRV records
          *  "service: URLs" in DNS TXT records

    implementing DHCP, "well known alias", "DNS SRV records" and "service: URL" is pretty simple.
    You will find examples here and there easily.

    • pfSense documentation covers some aspects.
    • I tried to produce something with wider coverage (goal was more to focus on proxy design that WPAD) here.
    • internet contains a lot of useful example

    What you need to understand (and that is not yet clear if I read correctly your posts) is that "well known alias" mechanism relies on your local domain configuration and therefore local DNS too.

    This mechanism, launched client side, relies on host FQDN.
    Say your workstation name is:
    workstation.sub_level2.sub_level1.domain.com
    well known alias mechanism will search first for:
    wpad.sub_level2.sub_level1.domain.com
    then for:
    wpad.sub_level1.domain.com
    then
    wpad.domain.com

    By configuring one of these entries in your local DNS, it will allow you browser to find web server hosting proxy.pac file.


Log in to reply