Hello, my name is Denny. I am new to this list.

I am trying to use multiple uplinks as described in the LARTC
documentation (http://lartc.org/howto/lartc.rpdb.multiple-links.html)
with a Squid transparent proxy on my gateway server.

Let me draw the configuration:

-----DSL1-----|                  \
              |Transparent proxy  |----Local network
-----DSL2-----|                  /

IP eth1(DSL1) :
IP eth2(DSL2) :
Local network :
Each DSL link's rate is 384 kbps downlink and 128 kbps uplink.

My ip route setting:
ip route add equalize scope global \
   nexthop via dev eth1 weight 1 \
   nexthop via dev eth2 weight 1

My iptables setting:
# proxy redirect
iptables -t nat -A PREROUTING  -p tcp --dport 80 -j REDIRECT --to-port 3128
# postrouting
iptables -t nat -A POSTROUTING -j SNAT -o eth1 --to-source
iptables -t nat -A POSTROUTING -j SNAT -o eth2 --to-source

Squid config:
visible_hostname my_isp.net
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

cache_mem 512 MB
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_dir ufs /cache 6000 14 256

acl all src
acl manager proto cache_object
acl localhost src
acl localnet src
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http

http_access allow localhost
http_access allow localnet
http_access allow manager localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all

cache_mgr cache-me
cache_effective_user squid
cache_effective_group squid
logfile_rotate 0
log_icp_queries off
buffered_logs on
half_closed_clients off
maximum_object_size 2048 KB

The whole configuration works. I can browse most websites.
But I have another problem when implementing this multiple uplinks method.
1. Messenger tools like YM disconnect and try to reconnect every
3-5 minutes. It always happens.
2. HTTPS for Hotmail/MSN always fails. "The connection was reset"
always appears in Mozilla Firefox. But it never happens with
Yahoo Mail and Gmail (HTTPS).
3. MSN Messenger never connects successfully.

None of these problems happen when I use conventional routing with
only one gateway.

After searching articles on the internet, I tried to mark each
connection for MSN Messenger to go via only one gateway. This is my
solution using iptables:
iptables -t mangle -A PREROUTING -p tcp --dport 443 -j MARK --set-mark 0x10
iptables -t mangle -A PREROUTING -p tcp --dport 1863:1864 -j MARK --set-mark 0x10
iptables -t nat -A POSTROUTING -m mark --mark 0x10 -j SNAT -o eth1

It works!! My MSN Messenger is able to connect now, but it always
disconnects every 3-5 minutes.

I tried to fix my YM problem the same way: I marked the YM port and
postrouted the traffic to eth1. But it did not solve my problem. YM
always connects/disconnects every 5 minutes. (problem number 1)

Another problem: why does MSN/Hotmail webmail always refuse my
connection? (problem number 2)

Maybe somebody has an idea how to solve this problem? I feel I will
give up soon... :(

Thanks a lot for your information and help. :)

Best regards,

Denny Zulfikar
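
One way to check whether connections from one client to the same service port are leaving through both uplinks, which is what pinning ports 443 and 1863:1864 to eth1 in the post above is meant to prevent. This is an added example, not part of the original post; it parses `conntrack -L` style lines, and every address in the sample is constructed.

```python
import re
from collections import defaultdict

# Constructed sample in `conntrack -L` format (not data from the post).
# Assumed addresses: 10.0.0.0/24 = local network, 203.0.113.1 = eth1 (DSL1),
# 198.51.100.1 = eth2 (DSL2), 192.0.2.x = remote servers.
SAMPLE = """\
tcp 6 431990 ESTABLISHED src=10.0.0.10 dst=192.0.2.5 sport=40001 dport=1863 src=192.0.2.5 dst=203.0.113.1 sport=1863 dport=40001 [ASSURED] mark=0 use=1
tcp 6 431995 ESTABLISHED src=10.0.0.10 dst=192.0.2.6 sport=40002 dport=1863 src=192.0.2.6 dst=198.51.100.1 sport=1863 dport=40002 [ASSURED] mark=0 use=1
tcp 6 431000 ESTABLISHED src=10.0.0.10 dst=192.0.2.7 sport=40003 dport=443 src=192.0.2.7 dst=203.0.113.1 sport=443 dport=40003 [ASSURED] mark=0 use=1
tcp 6 431000 ESTABLISHED src=10.0.0.11 dst=192.0.2.7 sport=40004 dport=443 src=192.0.2.7 dst=198.51.100.1 sport=443 dport=40004 [ASSURED] mark=0 use=1
tcp 6 119 TIME_WAIT src=10.0.0.11 dst=192.0.2.8 sport=40005 dport=80 src=10.0.0.1 dst=10.0.0.11 sport=3128 dport=40005 [ASSURED] mark=0 use=1
udp 17 25 src=10.0.0.11 dst=192.0.2.9 sport=5353 dport=53 src=192.0.2.9 dst=198.51.100.1 sport=53 dport=5353 mark=0 use=1
"""

# Each entry carries two tuples: original direction, then reply direction.
TUPLE = re.compile(r"src=(\S+) dst=(\S+) sport=(\d+) dport=(\d+)")

def parse(line):
    """Return (client, server, dport, nat_ip) for a SNATed tcp entry, else None."""
    if not line.startswith("tcp"):
        return None
    tuples = TUPLE.findall(line)
    if len(tuples) != 2:
        return None
    (client, server, _, dport), (_, nat_ip, _, _) = tuples
    # Reply addressed to the client itself: REDIRECTed to the local proxy
    # (or not NATed at all), so it says nothing about which uplink was used.
    if nat_ip == client:
        return None
    return client, server, int(dport), nat_ip

def split_flows(text):
    """Map (client, dport) -> sorted SNAT addresses, only where more than one."""
    seen = defaultdict(set)
    for line in text.splitlines():
        rec = parse(line)
        if rec:
            client, _server, dport, nat_ip = rec
            seen[(client, dport)].add(nat_ip)
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}

if __name__ == "__main__":
    for (client, dport), ips in sorted(split_flows(SAMPLE).items()):
        print(f"{client} dport {dport} leaves via {', '.join(ips)}")
```

On the gateway the input would be the live connection tracking table instead of SAMPLE; an empty result for a pinned port means every tracked flow to it used a single source address.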
