RE: [squid-users] Redirect Youtube out second ISP
Using this: http://www.squid-cache.org/Doc/config/tcp_outgoing_tos/ To mark the TOS on traffic to youtube. Then using what to redirect them out the different link? Iptables? Ryan Stinn Holy Trinity Catholic School Division -Original Message- From: Amos Jeffries [mailto:squ...@treenet.co.nz] Sent: Thursday, February 21, 2013 5:13 PM To: squid-users@squid-cache.org Subject: Re: [squid-users] Redirect Youtube out second ISP On 22/02/2013 11:02 a.m., Stinn, Ryan wrote: I ended up putting a second proxy up and using cache peer to redirect all traffic to it. Not the best solution but it's just a tiny VM fetching youtube. Ryan Why did you avoid the TOS methods? much simpler than double-proessing all the HTTP syntax. Amos
Re: [squid-users] Redirect Youtube out second ISP
On 23/02/2013 4:13 a.m., Stinn, Ryan wrote: Using this: http://www.squid-cache.org/Doc/config/tcp_outgoing_tos/ To mark the TOS on traffic to youtube. Then using what to redirect them out the different link? Iptables? Yes. Whatever TCP QoS functionality your system provides for routing based on TOS. Amos
RE: [squid-users] Redirect Youtube out second ISP
I ended up putting a second proxy up and using cache peer to redirect all traffic to it. Not the best solution but it's just a tiny VM fetching youtube. Ryan -Original Message- From: Pieter De Wit [mailto:pie...@insync.za.net] Sent: Wednesday, February 20, 2013 10:57 AM To: squid-users@squid-cache.org Subject: Re: [squid-users] Redirect Youtube out second ISP Hi, I would just run 2 squids on the same box, iptables mark the second one's traffic for the second uplink (using multiple routing tables etc). The first squid then simply forwards all youtube traffic by URL - no IP issues etc. Cheers, Pieter On 21/02/2013 05:33, Ricardo Rios wrote: No is not, is just what i see doing some sniffing on my mikrotik box, where my costumers connect, i am sure i still missing few IPs. Regards I am doing it this way currently on my router however knowing all of youtube's IP addresses is annoying. Do you know if your list is conclusive? Ryan Stinn Holy Trinity Catholic School Division -Original Message- From: Ricardo Rios [mailto:shorew...@malargue.gov.ar] Sent: Monday, February 18, 2013 4:46 PM To: Squid Users Subject: Re: [squid-users] Redirect Youtube out second ISP I have that working but using www.shorewall.net [1] Firewall, sending all youtube request to provider number 4 /etc/shorewall/providers #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY cable2 2 2 main eth4:192.168.150.99 192.168.150.199 track,balance=3,loose,mtu=1492 cable3 3 3 main eth4:192.168.150.99 192.168.150.202 track,balance=3,loose,mtu=1492 silica 4 4 main eth6 186.0.190.241 track,balance=2,mtu=1500 /etc/shorewall/tcrules #MARK SOURCE DEST PROTO DEST SOURCE USER TEST LENGTH TOS CONNBYTES HELPER #Youtube 4:P 10.0.0.0/24 208.117.253.0/20 4:P 10.0.0.0/24 74.125.228.0/24 4:P 10.0.0.0/24 173.194.60.0/18 4:P 10.0.0.0/24 200.9.157.0/20 http://www.shorewall.net/Documentation_Index.html [2]Regards - Original Message - From: Stinn, Ryan ryan.st...@htcsd.ca To: squid-users@squid-cache.org squid-users@squid-cache.org Cc: Sent: Saturday, 16 February 2013 4:13 AM Subject: [squid-users] Redirect Youtube out second ISP I'm wondering if it's possible to use squid to redirect youtube out a second ISP line. We have two connections and I'd like to push all youtube out the second connection. Try this: acl dstdom_regex yt -i youtube tcp_outgoing_address yt 1.2.3.4 1.2.3.4 is IP address of 2nd line (should be on same machine as squid). Amm. Links: -- [1] http://www.shorewall.net [2] http://www.shorewall.net/Documentation_Index.html
Re: [squid-users] Redirect Youtube out second ISP
On 22/02/2013 11:02 a.m., Stinn, Ryan wrote: I ended up putting a second proxy up and using cache peer to redirect all traffic to it. Not the best solution but it's just a tiny VM fetching youtube. Ryan Why did you avoid the TOS methods? much simpler than double-proessing all the HTTP syntax. Amos
RE: [squid-users] Redirect Youtube out second ISP
I am doing it this way currently on my router however knowing all of youtube's IP addresses is annoying. Do you know if your list is conclusive? Ryan Stinn Holy Trinity Catholic School Division -Original Message- From: Ricardo Rios [mailto:shorew...@malargue.gov.ar] Sent: Monday, February 18, 2013 4:46 PM To: Squid Users Subject: Re: [squid-users] Redirect Youtube out second ISP I have that working but using www.shorewall.net Firewall, sending all youtube request to provider number 4 /etc/shorewall/providers #NAME NUMBER MARKDUPLICATE INTERFACE GATEWAY OPTIONS COPY cable2 2 2 main eth4:192.168.150.99 192.168.150.199 track,balance=3,loose,mtu=1492 cable3 3 3 main eth4:192.168.150.99 192.168.150.202 track,balance=3,loose,mtu=1492 silica 4 4 main eth6 186.0.190.241 track,balance=2,mtu=1500 /etc/shorewall/tcrules #MARK SOURCE DEST PROTO DEST SOURCE USER TEST LENGTH TOS CONNBYTES HELPER #Youtube 4:P 10.0.0.0/24 208.117.253.0/20 4:P 10.0.0.0/24 74.125.228.0/24 4:P 10.0.0.0/24 173.194.60.0/18 4:P 10.0.0.0/24 200.9.157.0/20 http://www.shorewall.net/Documentation_Index.html Regards - Original Message - From: Stinn, Ryan ryan.st...@htcsd.ca To: squid-users@squid-cache.org squid-users@squid-cache.org Cc: Sent: Saturday, 16 February 2013 4:13 AM Subject: [squid-users] Redirect Youtube out second ISP I'm wondering if it's possible to use squid to redirect youtube out a second ISP line. We have two connections and I'd like to push all youtube out the second connection. Try this: acl dstdom_regex yt -i youtube tcp_outgoing_address yt 1.2.3.4 1.2.3.4 is IP address of 2nd line (should be on same machine as squid). Amm.
RE: [squid-users] Redirect Youtube out second ISP
No is not, is just what i see doing some sniffing on my mikrotik box, where my costumers connect, i am sure i still missing few IPs. Regards I am doing it this way currently on my router however knowing all of youtube's IP addresses is annoying. Do you know if your list is conclusive? Ryan Stinn Holy Trinity Catholic School Division -Original Message- From: Ricardo Rios [mailto:shorew...@malargue.gov.ar] Sent: Monday, February 18, 2013 4:46 PM To: Squid Users Subject: Re: [squid-users] Redirect Youtube out second ISP I have that working but using www.shorewall.net [1] Firewall, sending all youtube request to provider number 4 /etc/shorewall/providers #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY cable2 2 2 main eth4:192.168.150.99 192.168.150.199 track,balance=3,loose,mtu=1492 cable3 3 3 main eth4:192.168.150.99 192.168.150.202 track,balance=3,loose,mtu=1492 silica 4 4 main eth6 186.0.190.241 track,balance=2,mtu=1500 /etc/shorewall/tcrules #MARK SOURCE DEST PROTO DEST SOURCE USER TEST LENGTH TOS CONNBYTES HELPER #Youtube 4:P 10.0.0.0/24 208.117.253.0/20 4:P 10.0.0.0/24 74.125.228.0/24 4:P 10.0.0.0/24 173.194.60.0/18 4:P 10.0.0.0/24 200.9.157.0/20 http://www.shorewall.net/Documentation_Index.html [2]Regards - Original Message - From: Stinn, Ryan ryan.st...@htcsd.ca To: squid-users@squid-cache.org squid-users@squid-cache.org Cc: Sent: Saturday, 16 February 2013 4:13 AM Subject: [squid-users] Redirect Youtube out second ISP I'm wondering if it's possible to use squid to redirect youtube out a second ISP line. We have two connections and I'd like to push all youtube out the second connection. Try this: acl dstdom_regex yt -i youtube tcp_outgoing_address yt 1.2.3.4 1.2.3.4 is IP address of 2nd line (should be on same machine as squid). Amm. Links: -- [1] http://www.shorewall.net [2] http://www.shorewall.net/Documentation_Index.html
Re: [squid-users] Redirect Youtube out second ISP
Hi, I would just run 2 squids on the same box, iptables mark the second one's traffic for the second uplink (using multiple routing tables etc). The first squid then simply forwards all youtube traffic by URL - no IP issues etc. Cheers, Pieter On 21/02/2013 05:33, Ricardo Rios wrote: No is not, is just what i see doing some sniffing on my mikrotik box, where my costumers connect, i am sure i still missing few IPs. Regards I am doing it this way currently on my router however knowing all of youtube's IP addresses is annoying. Do you know if your list is conclusive? Ryan Stinn Holy Trinity Catholic School Division -Original Message- From: Ricardo Rios [mailto:shorew...@malargue.gov.ar] Sent: Monday, February 18, 2013 4:46 PM To: Squid Users Subject: Re: [squid-users] Redirect Youtube out second ISP I have that working but using www.shorewall.net [1] Firewall, sending all youtube request to provider number 4 /etc/shorewall/providers #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY cable2 2 2 main eth4:192.168.150.99 192.168.150.199 track,balance=3,loose,mtu=1492 cable3 3 3 main eth4:192.168.150.99 192.168.150.202 track,balance=3,loose,mtu=1492 silica 4 4 main eth6 186.0.190.241 track,balance=2,mtu=1500 /etc/shorewall/tcrules #MARK SOURCE DEST PROTO DEST SOURCE USER TEST LENGTH TOS CONNBYTES HELPER #Youtube 4:P 10.0.0.0/24 208.117.253.0/20 4:P 10.0.0.0/24 74.125.228.0/24 4:P 10.0.0.0/24 173.194.60.0/18 4:P 10.0.0.0/24 200.9.157.0/20 http://www.shorewall.net/Documentation_Index.html [2]Regards - Original Message - From: Stinn, Ryan ryan.st...@htcsd.ca To: squid-users@squid-cache.org squid-users@squid-cache.org Cc: Sent: Saturday, 16 February 2013 4:13 AM Subject: [squid-users] Redirect Youtube out second ISP I'm wondering if it's possible to use squid to redirect youtube out a second ISP line. We have two connections and I'd like to push all youtube out the second connection. Try this: acl dstdom_regex yt -i youtube tcp_outgoing_address yt 1.2.3.4 1.2.3.4 is IP address of 2nd line (should be on same machine as squid). Amm. Links: -- [1] http://www.shorewall.net [2] http://www.shorewall.net/Documentation_Index.html
Re: [squid-users] Redirect Youtube out second ISP
I have that working but using www.shorewall.net Firewall, sending all youtube request to provider number 4 /etc/shorewall/providers #NAME NUMBER MARKDUPLICATE INTERFACE GATEWAY OPTIONS COPY cable2 2 2 main eth4:192.168.150.99 192.168.150.199 track,balance=3,loose,mtu=1492 cable3 3 3 main eth4:192.168.150.99 192.168.150.202 track,balance=3,loose,mtu=1492 silica 4 4 main eth6 186.0.190.241 track,balance=2,mtu=1500 /etc/shorewall/tcrules #MARK SOURCE DEST PROTO DEST SOURCE USER TEST LENGTH TOS CONNBYTES HELPER #Youtube 4:P 10.0.0.0/24 208.117.253.0/20 4:P 10.0.0.0/24 74.125.228.0/24 4:P 10.0.0.0/24 173.194.60.0/18 4:P 10.0.0.0/24 200.9.157.0/20 http://www.shorewall.net/Documentation_Index.html Regards - Original Message - From: Stinn, Ryan ryan.st...@htcsd.ca To: squid-users@squid-cache.org squid-users@squid-cache.org Cc: Sent: Saturday, 16 February 2013 4:13 AM Subject: [squid-users] Redirect Youtube out second ISP I'm wondering if it's possible to use squid to redirect youtube out a second ISP line. We have two connections and I'd like to push all youtube out the second connection. Try this: acl dstdom_regex yt -i youtube tcp_outgoing_address yt 1.2.3.4 1.2.3.4 is IP address of 2nd line (should be on same machine as squid). Amm.
[squid-users] Redirect Youtube out second ISP
I'm wondering if it's possible to use squid to redirect youtube out a second ISP line. We have two connections and I'd like to push all youtube out the second connection. I was thinking I could put a second squid proxy on that line and then redirect all youtube traffic to it, but I'm not sure how to start this. Thanks Ryan
Re: [squid-users] Redirect Youtube out second ISP
On 16/02/2013 11:43, Stinn, Ryan wrote: I'm wondering if it's possible to use squid to redirect youtube out a second ISP line. We have two connections and I'd like to push all youtube out the second connection. I was thinking I could put a second squid proxy on that line and then redirect all youtube traffic to it, but I'm not sure how to start this. Thanks Ryan Hi, Look at the cache_peer_access option if you have the second server. You could also use a dual gateway option, but this needs some work on iptables/iproute. Cheers, Pieter
Re: [squid-users] Redirect Youtube out second ISP
On 16/02/2013 12:01 p.m., Pieter De Wit wrote: On 16/02/2013 11:43, Stinn, Ryan wrote: I'm wondering if it's possible to use squid to redirect youtube out a second ISP line. We have two connections and I'd like to push all youtube out the second connection. I was thinking I could put a second squid proxy on that line and then redirect all youtube traffic to it, but I'm not sure how to start this. Thanks Ryan Hi, Look at the cache_peer_access option if you have the second server. You could also use a dual gateway option, but this needs some work on iptables/iproute. Cheers, Pieter It is also worth looking at tcp_outgoing_tos and tcp_outgoing_mark in Squid-3.2 or later. PS. you may need a version with http://bugs.squid-cache.org/show_bug.cgi?id=3767 fixed (will be in 3.2.8 next month, daily 3.2 bug-fix packages have it now). Amos
Re: [squid-users] Redirect Youtube out second ISP
On 16/02/2013 3:11 p.m., Amos Jeffries wrote: On 16/02/2013 12:01 p.m., Pieter De Wit wrote: On 16/02/2013 11:43, Stinn, Ryan wrote: I'm wondering if it's possible to use squid to redirect youtube out a second ISP line. We have two connections and I'd like to push all youtube out the second connection. I was thinking I could put a second squid proxy on that line and then redirect all youtube traffic to it, but I'm not sure how to start this. Thanks Ryan Hi, Look at the cache_peer_access option if you have the second server. You could also use a dual gateway option, but this needs some work on iptables/iproute. Cheers, Pieter It is also worth looking at tcp_outgoing_tos and tcp_outgoing_mark in Squid-3.2 or later. PS. you may need a version with http://bugs.squid-cache.org/show_bug.cgi?id=3767 fixed (will be in 3.2.8 next month, daily 3.2 bug-fix packages have it now). Oops. I meant http://bugs.squid-cache.org/show_bug.cgi?id=3723, but both are worth it. Amos Amos
Re: [squid-users] Redirect Youtube out second ISP
- Original Message - From: Stinn, Ryan ryan.st...@htcsd.ca To: squid-users@squid-cache.org squid-users@squid-cache.org Cc: Sent: Saturday, 16 February 2013 4:13 AM Subject: [squid-users] Redirect Youtube out second ISP I'm wondering if it's possible to use squid to redirect youtube out a second ISP line. We have two connections and I'd like to push all youtube out the second connection. Try this: acl dstdom_regex yt -i youtube tcp_outgoing_address yt 1.2.3.4 1.2.3.4 is IP address of 2nd line (should be on same machine as squid). Amm.
