ok, What its the nice solution :
1=BA. Using tcp_outgoning_address with Aclrandom or similar 2=BA. Not using Two wans,(If I can route WWW, HTTPS, Trought wan2 its fine for me). I want to route then FTP trought wan3, and Jabber/MSN.. trought WAN1 =BFAny example code with my config? 3=BA. Not using Squid Please if someone can write a example with my config I thank very much.. I search and MANY PEOPLE want to do similar env. Thanks to all! On Jan 18, 8:42=A0am, s...@spacehopper.org (Stuart Henderson) wrote: > On 2010/01/17 12:08, Steven Surdock wrote: > > > > > > > > -----Original Message----- > > > From: owner...@benzedrine.cx [mailto:owner...@benzedrine.cx] On Behal= f > > Of > > > Stuart Henderson > > > Sent: Sunday, January 17, 2010 6:20 AM > > > To: mashenko shenua > > > Cc: p...@benzedrine.cx > > > Subject: Re: Round-robin + Squid + 3 ISP > > > > On 2010/01/16 22:00, mashenko shenua wrote: > > > > Can you try it??. Some people tell me I can't use Squid with > > > > round-robin.. I see this for pfsense : > > > > >http://forum.pfsense.org/index.php?topic=3D7591.msg42943 > > > .. > > > > Thinking about it some more, perhaps this isn't possible with old > > > PF where nat was handled separately from filter rules; you might need > > > -current to do this... > > > I think I have seen references to using, > > =A0 =A0nat on $ext1 from "self" to any -> ($ext1) > > =A0 =A0nat on $ext1 from $internal_net to any -> ($ext1) > > =A0 =A0nat on $ext2 from "self" to any -> ($ext2) > > =A0 =A0nat on $ext2 from $internal_net to any -> ($ext2) > > Ah, that happens before route-to, so you could probably do round-robin > nat to a couple of addresses, and then have route-to punt them to the > correct interface. But I can't test it, any systems that I can > experiment on have been running PF with the new NAT code for > several months.. > > > To guarantee correct outbound addressing. =A0IMHO, this is something th= at > > Squid should handle... > > Well, it's also something PF should handle, there are any number of > reasons you might want to load-balance and you can't expect every app > that makes an outgoing network connection to have a way to set the > source address. > > Looks like you can do it with squid 3 using a random ACL.