+++ /dev/null
-Squid 3.1.PRE1 release notesSquid Developers$Id: release-3.1.man,v 1.4 2008/01/11 03:49:18 amosjeffries Exp $This document contains the release notes for version 3.1 of Squid.
-Squid is a WWW Cache application developed by the National Laboratory
-for Applied Network Research and members of the Web Caching community.Notice
-
-.Pp
-The Squid Team are pleased to announce the release of Squid-3.1.PRE1 for pre-release testing.
-.Pp
-This new release is available for download from or the \&.
-.Pp
-A large number of the show-stopper bugs have been fixed along with general improvements to the ICAP support.
-While this release is not deemed ready for production use, we believe it is ready for wider testing by the community.
-.Pp
-We welcome feedback and bug reports. If you find a bug, please see for how to submit a report with a stack trace.
-.Pp
-Known issues
-
-.Pp
-Although this release is deemed good enough for testing in many setups, please note the existence of \&.
-.Pp
-Changes since earlier PRE releases of Squid-3.0
-
-.Pp
-The 3.1 change history can be \&.
-.Pp
-Changes since Squid-3.0
-
-.SH Major new features
-
-.Pp
-Squid 3.1 represents a new feature release above 3.0.
-.Pp
-The most important of these new features are:
-.Pp
-.nr ll +1
-.nr t\n(ll 0
-.if \n(ll>1 .RS
-.nr bi 1
-.Pp
-IPv6 Support
-.if \n(ll>1 .RE
-.nr ll -1
-.Pp
-Most user-facing changes are reflected in squid.conf (see below).
-.Pp
-Internet Protocol version 6 (IPv6)
-
-.Pp
-Squid 3.1 supports IPv6. To enable IPv6 support, use the ./configure --enable-ipv6 option
-.Pp
-New Features for IPv6
-
-.Pp
-Squid handles localhost values seperately. For the purpose of ACLs and also external
-connections ::1 is considered a seperate IP from 127.0.0.1. This means all ACL which
-define behaviour for localhost may need ::1/128 included.
-.Pp
-.Pp
---with-localhost-ipv6 option is provided for Pure-IPv6 setups who do not want to be
-bothered by the localhost vagaries. It will enable logics to map all localhost traffic
-through ::1 unless an IPv4-only link is required.
-.Pp
-.Pp
-Additional ./configure --with-ipv4-mapped option is provided for OS that require a socket setting
-to accept IPv4 addresses on IPv6 sockets, squid performs v4-mapping on these addresses
-It is intended primarily to be used for Windows Vista builds.
-.Pp
-.Pp
-Pinger has been upgraded to perform both ICMP and ICMPv6 as required.
-As a result of this and due to a change in the binary protocol format between them,
-new builds of squid are no longer backwards-compatible with old pinger binaries.
-You will need to perform \&"make install-pinger\&" again after installing squid.
-.Pp
-.Pp
-Peer and Client SNMP tables have been altered to handle IPv6 addresses.
-As a side effect of this the long-missing fix to show seperate named peers on one IP
-has been integrated. Making the SNMP peer table now produce correct output.
-The table structure change is identical for both IPv4-only and Dual modes but with
-IPv4-only simply not including any IP6 entries. This means any third-party SNMP
-software which hard coded the MIB paths needs to be upgraded for this Squid release.
-.Pp
-.Pp
-Limitations of IPv6 Support
-
-.Pp
-Specify a specific tcp_outgoing_address and the clients who match its ACL are limited
-to the IPv4 or IPv6 network that address belongs to. They are not permitted over the
-IPv4-IPv6 boundary. Some ACL voodoo can however be applied to explicitly route the
-IPv6/IPv4 bound traffic out an appropriate interface.
-.DS
-.sp
-.ft RR
-.nf
- acl toIP6 dst ipv6
- tcp_outgoing_address 2001::1 toIP6
- tcp_outgoing_address 10.0.0.1 !toIP6
-.DE
-.fi
-.ec
-.ft P
-.sp
-.Pp
-.Pp
-WCCP is not available (neither version 1 or 2). It remains built into squid for use with IPv4 traffic but IPv6 cannot use it.
-.Pp
-.Pp
-Transparent/Interception is done via NAT at the OS level and is not available in IPv6.
-Squid will ensure that any port set with transparent or tproxy options be an IPv4-only
-listening address. Wildcard can still be used but will not open as an IPv6.
-To ensure that squid can accept IPv6 traffic on its default port, an alternative should
-be chosen to handle transparent traffic.
-.DS
-.sp
-.ft RR
-.nf
- http_port 3128
- http_port 8080 transparent
-.DE
-.fi
-.ec
-.ft P
-.sp
-.Pp
-.Pp
-The bundled NTLM Auth helper is IPv4-native between itself and the NTLM server.
-A new one will be needed for IPv6 traffic between the helper and server.
-.Pp
-.Pp
-The bundled RADIUS Auth helper is IPv4-native, both in traffic between and data storage
-with the RADIUS server. A new helper will be needed for IPv6 RADIUS protocol.
-.Pp
-.Pp
-.SH Changes to squid.conf
-
-.Pp
-There have been changes to Squid's configuration file since Squid-3.0.
-.Pp
-This section gives a thorough account of those changes in three categories:
-.Pp
-.nr ll +1
-.nr t\n(ll 0
-.if \n(ll>1 .RS
-.nr bi 1
-.Pp
-.nr bi 1
-.Pp
-.nr bi 1
-.Pp
-.if \n(ll>1 .RE
-.nr ll -1
-.Pp
-.Pp
-.Pp
-.Pp
-New tags
-
-.Pp
-.nr ll +1
-.nr t\n(ll 2
-.if \n(ll>1 .RS
-.IP "pinger_enable"
-.nr bi 1
-.Pp
-New option to enable/disable the ICMP pinger helper with a reconfigure instead of a full rebuild.
-.DS
-.sp
-.ft RR
-.nf
- Control whether the pinger is active at run-time.
- Enables turning ICMP pinger on and off with a simple squid -k reconfigure.
- default is on when --enable-icmp is compiled in.
-
-.DE
-.fi
-.ec
-.ft P
-.sp
-.Pp
-.IP "dns_v4_fallback"
-.nr bi 1
-.Pp
-New option to prevent squid from always looking up IPv4 regardless of whether IPv6 addresses are found.
-Squid will follow a policy of prefering IPv6 links, keeping the IPv4 only as a safety net behind IPv6.
-.DS
-.sp
-.ft RR
-.nf
- Standard practice with DNS is to lookup either A or AAAA records
- and use the results if it succeeds. Only looking up the other if
- the first attempt fails or otherwise produces no results.
-
- That policy however will cause squid to produce error pages for some
- servers that advertise AAAA but are unreachable over IPv6.
-
- If this is ON squid will always lookup both AAAA and A, using both.
- If this is OFF squid will lookup AAAA and only try A if none found.
-
- WARNING: There are some possibly unwanted side-effects with this on:
- *) Doubles the load placed by squid on the DNS network.
- *) May negatively impact connection delay times.
-
-.DE
-.fi
-.ec
-.ft P
-.sp
-.Pp
-.IP "include"
-.nr bi 1
-.Pp
-New option to import entire secondary configuration files into squid.conf.
-.DS
-.sp
-.ft RR
-.nf
- Squid will follow the files immediately and insert all their content
- as if it was at that position in squid.conf. As per squid.conf some
- options are order-specific within the config as a whole.
-
- A few layers of include are allowed, but too many are confusing and
- squid will enforce an include depth of 16 files.
-
- Syntax:
- include /path/to/file1 /path/to/file2
-
-.DE
-.fi
-.ec
-.ft P
-.sp
-.Pp
-.if \n(ll>1 .RE
-.nr ll -1
-.Pp
-Changes to existing tags
-
-.Pp
-.nr ll +1
-.nr t\n(ll 2
-.if \n(ll>1 .RS
-.IP "acl"
-.nr bi 1
-.Pp
-New preset content
-.DS
-.sp
-.ft RR
-.nf
- <p>ipv6 - now available as a preset type in the src and dst ACL matching all of the public IPv6 network space.
- <verb>
- acl aclname dst ipv6
-
-.DE
-.fi
-.ec
-.ft P
-.sp
-.Pp
-.IP "external_acl_type"
-.nr bi 1
-.Pp
-New options 'ipv4' and 'ipv6' are added to set the IPv4/v6 protocol between squid and its helpers.
-Please be aware of some limits to these options. These options only affet the transport protocol used
-to send data to and from the helpers. Squid in IPv6-mode may still send %SRC addresses in IPv4 or IPv6
-format, so all helpers will need to be checked and converted to cope with such information cleanly.
-.DS
-.sp
-.ft RR
-.nf
- ipv4 / ipv6 IP-mode used to communicate to this helper.
- For compatability with older configurations and helpers
- 'ipv4' is the default unless --with-localhost-ipv6 is used.
- --with-localhost-ipv6 changes the default to 'ipv6'.
- SPECIAL NOTE: explicit use of these options override --with-localhost-ipv6
-
-.DE
-.fi
-.ec
-.ft P
-.sp
-.Pp
-.IP "tcp_outgoing_address"
-.nr bi 1
-.Pp
-This option causes some problems when bridging IPv4 and IPv6. A workaround has been provided.
-.DS
-.sp
-.ft RR
-.nf
- Squid is built with a capability of bridging the IPv4 and IPv6 internets.
- tcp_outgoing_address as previously used breaks this bridging by forcing
- all outbound traffic through a certain IPv4 which may be on the wrong
- side of the IPv4/IPv6 boundary.
-
- To operate with tcp_outgoing_address and keep the bridging benefits
- an additional ACL needs to be used which ensures the IPv6-bound traffic
- is never forced or permitted out the IPv4 interface.
-
- acl to_ipv6 dst ipv6
- tcp_outgoing_address 2002::c001 good_service_net to_ipv6
- tcp_outgoing_address 10.0.0.2 good_service_net !to_ipv6
-
- tcp_outgoing_address 2002::beef normal_service_net to_ipv6
- tcp_outgoing_address 10.0.0.1 normal_service_net !to_ipv6
-
- tcp_outgoing_address 2002::1 to_ipv6
- tcp_outgoing_address 10.0.0.3 !to_ipv6
-
-.DE
-.fi
-.ec
-.ft P
-.sp
-.Pp
-.IP "balance_on_multiple_ip"
-.nr bi 1
-.Pp
-The previous default behavour (rotate per-request) of this setting causes failover clashes with IPv6 built-in mechanisms.
-It has thus been turned off by default. Making the 'best choice' IP continue in use for any hostname until it encounters a connection failure and failover drops to the next known IP.
-.DS
-.sp
-.ft RR
-.nf
- Modern IP resolvers in squid sort lookup results by preferred access.
- By default squid will use these IP in order and only rotates to
- the next listed when the most preffered fails.
-
- Some load balancing servers based on round robin DNS have been
- found not to preserve user session state across requests
- to different IP addresses.
-
- Enabling this directive Squid rotates IP's per request.
-
-.DE
-.fi
-.ec
-.ft P
-.sp
-.Pp
-.if \n(ll>1 .RE
-.nr ll -1
-.Pp
-.Pp
-Removed tags
-
-.Pp
-.nr ll +1
-.nr t\n(ll 2
-.if \n(ll>1 .RS
-.Pp
-.if \n(ll>1 .RE
-.nr ll -1
-.Pp
-.Pp
-.SH Changes to ./configure Options
-
-.Pp
-There have been some changes to Squid's build configuration since Squid-3.0.
-.Pp
-This section gives an account of those changes in three categories:
-.Pp
-.nr ll +1
-.nr t\n(ll 0
-.if \n(ll>1 .RS
-.nr bi 1
-.Pp
-.nr bi 1
-.Pp
-.nr bi 1
-.Pp
-.nr bi 1
-.Pp
-.if \n(ll>1 .RE
-.nr ll -1
-.Pp
-.Pp
-.Pp
-New options
-
-.Pp
-.nr ll +1
-.nr t\n(ll 2
-.if \n(ll>1 .RS
-.IP "--enable-ipv6"
-.nr bi 1
-.Pp
-Buildwith IPv6 support. The default is to build without.
-.Pp
-.IP "--with-localhost-ipv6"
-.nr bi 1
-.Pp
-Build support for squid to map all 127.0.0.1 traffic onto ::1.
-The default is to build with 127.0.0.1 and ::1 being considered seperate IP.
-see the IPv6 details above for a better description.
-.Pp
-.IP "--with-ipv6-split-stack"
-.nr bi 1
-.Pp
-Enable special additions for IPv6 support in Windows XP.
-see the IPv6 details above for a better description.
-.Pp
-.IP "--with-ipv4-mapped"
-.nr bi 1
-.Pp
-Enable special additions for IPv6 support in Windows Vista.
-see the IPv6 details above for a better description.
-.Pp
-.IP "--with-dns-cname"
-.nr bi 1
-.Pp
-Enable CNAME recursion within the Internal DNS resolver stub squid uses.
-This has no effect on the external DNS helper.
-Please note this extension is still experimental and may encounter problems.
-To see if it is actually needed you can run squid without it for a period and
-check the CNAME-Only Requests statistics squid maintains.
-If it produces ongoing serious problems the external helper may be needed
-but please report the bugs anyway.
-.Pp
-.if \n(ll>1 .RE
-.nr ll -1
-Changes to existing options
-
-.Pp
-.nr ll +1
-.nr t\n(ll 2
-.if \n(ll>1 .RS
-.IP "--disable-internl-dns"
-.nr bi 1
-.Pp
-Better support for Linux using the external DNS helper.
-The helper will compile and work with dns_nameservers on more variants of Linux than previously.
-.Pp
-.if \n(ll>1 .RE
-.nr ll -1
-Not yet available options
-
-.Pp
-These configure options have not yet been ported to Squid-3. If you need something to do then
-porting one of these from Squid-2 to Squid-3 is most welcome.
-.Pp
-.nr ll +1
-.nr t\n(ll 2
-.if \n(ll>1 .RS
-.IP "--enable-devpoll"
-.nr bi 1
-.Pp
-Support for Solaris /dev/poll
-.Pp
-.IP "--enable-select-simple"
-.nr bi 1
-.Pp
-Basic POSIX select() loop without any binary fd_set optimizations.
-.Pp
-.IP "--enable-follow-x-forwarded-for"
-.nr bi 1
-.Pp
-Support following the X-Forwarded-For HTTP header for determining the
-client IP address
-.if \n(ll>1 .RE
-.nr ll -1
-.Pp
-Removed options
-
-.Pp
-The following configure options have been removed.
-.Pp
-.nr ll +1
-.nr t\n(ll 2
-.if \n(ll>1 .RS
-.Pp
-.if \n(ll>1 .RE
-.nr ll -1
-.Pp
projects / thirdparty / squid.git / commitdiff
