[squid-users] load balancing traffic through squid on systems with 2 Internet connections
Hi, I have a System with two Internet connections. Is it possible to configure squid to load balance out going internet traffic through those two Internet Connections? Thank you so much Kind Regards Siju
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
From: "Siju George" <[EMAIL PROTECTED]> > > I have a System with two Internet connections. > Is it possible to configure squid to load balance out going internet > traffic through those two Internet Connections? > This is assuming that you are running Linux :- Just set up multiple routing and weight assignment. You might have to turn off kernel option which caches multiple routing.
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
From: "Ming-Ching Tiew" <[EMAIL PROTECTED]> > > This is assuming that you are running Linux :- > Just set up multiple routing and weight assignment. > You might have to turn off kernel option which > caches multiple routing. > I meant MULTI PATH routing. Important Warning! *** This electronic communication (including any attached files) may contain confidential and/or legally privileged information and is only intended for the use of the person to whom it is addressed. If you are not the intended recipient, you do not have permission to read, use, disseminate, distribute, copy or retain any part of this communication or its attachments in any form. If this e-mail was sent to you by mistake, please take the time to notify the sender so that they can identify the problem and avoid any more mistakes in sending e-mail to you. The unauthorised use of information contained in this communication or its attachments may result in legal action against any person who uses it.
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
On Nov 21, 2007 6:29 AM, Ming-Ching Tiew <[EMAIL PROTECTED]> wrote: > > From: "Ming-Ching Tiew" <[EMAIL PROTECTED]> > > > > This is assuming that you are running Linux :- > > Just set up multiple routing and weight assignment. > > You might have to turn off kernel option which > > caches multiple routing. > > > Thank you so much Ching for your kind response:-) I am running OpenBSD with route-to option in PF http://www.openbsd.org/faq/pf/pools.html#outgoing Is there any option to do it in the "squid.conf" file? I know there is a "tcp_outgoing_address" option. just wondering if it is possible to make it use all outgoing IP address in a round-robin manner :-) Thank you so much once again. Kind Regards Siju
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
From: "Siju George" <[EMAIL PROTECTED]> > > Is there any option to do it in the "squid.conf" file? > > I know there is a "tcp_outgoing_address" option. > > just wondering if it is possible to make it use all outgoing IP > address in a round-robin manner :-) > As far as I know, you could do "split access" using the 'tcp_outgoing_address' method, but you can't get squid to use it in round-robin manner. I might be wrong. :-)
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
On Wed, Nov 21, 2007, Ming-Ching Tiew wrote: > As far as I know, you could do "split access" using > the 'tcp_outgoing_address' method, but you can't > get squid to use it in round-robin manner. > > I might be wrong. :-) I don't think there is, but making squid do that with a small source patch wouldn't be difficult. Adrian -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
Hi George, Siju George wrote: Hi, I have a System with two Internet connections. Is it possible to configure squid to load balance out going internet traffic through those two Internet Connections? To keep things simple, you can just use the "tcp_outgoing_address" parameter in squid.conf. Thanking you... Thank you so much Kind Regards Siju -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu System Administrator (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal http://www.wlink.com.np http://teklimbu.wordpress.com
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
On Nov 21, 2007 12:21 PM, Tek Bahadur Limbu <[EMAIL PROTECTED]> wrote: > Hi George, > > Siju George wrote: > > Hi, > > > > I have a System with two Internet connections. > > Is it possible to configure squid to load balance out going internet > > traffic through those two Internet Connections? > > To keep things simple, you can just use the "tcp_outgoing_address" > parameter in squid.conf. > It didn't work :-( I am running OpenSBD and using the route-to option in pf.conf http://www.openbsd.org/faq/pf/pools.html#outgoing to load balance Internet connections. It is not multipath routing with two default routes. Thank you so much for the response :-) Kind Regards Siju
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
On ons, 2007-11-21 at 13:50 +0900, Adrian Chadd wrote: > On Wed, Nov 21, 2007, Ming-Ching Tiew wrote: > > > As far as I know, you could do "split access" using > > the 'tcp_outgoing_address' method, but you can't > > get squid to use it in round-robin manner. > > > > I might be wrong. :-) > > I don't think there is, but making squid do that with a small source patch > wouldn't be difficult. But not something I would recommend. Many sites dislikes clients coming from more than one IP during the same session. The client IP is often embedded in session cookies etc, making the session fail if the IP changes. Regards Henrik signature.asc Description: This is a digitally signed message part
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
On Nov 22, 2007 2:16 AM, Henrik Nordstrom <[EMAIL PROTECTED]> wrote: > On ons, 2007-11-21 at 13:50 +0900, Adrian Chadd wrote: > > On Wed, Nov 21, 2007, Ming-Ching Tiew wrote: > > > > > As far as I know, you could do "split access" using > > > the 'tcp_outgoing_address' method, but you can't > > > get squid to use it in round-robin manner. > > > > > > I might be wrong. :-) > > > > I don't think there is, but making squid do that with a small source patch > > wouldn't be difficult. > > But not something I would recommend. Many sites dislikes clients coming > from more than one IP during the same session. The client IP is often > embedded in session cookies etc, making the session fail if the IP > changes. > Yes Henrik. Such sites are identified and there is af firewall rule added to PF in OpenBSD to route them through the same interface.. But it is not a problem with majority of the sites. Thank you so much for the response :-) Kind Regards Siju
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
From: "Siju George" <[EMAIL PROTECTED]> > > > > But not something I would recommend. Many sites dislikes clients coming > > from more than one IP during the same session. The client IP is often > > embedded in session cookies etc, making the session fail if the IP > > changes. > > > > Yes Henrik. > Such sites are identified and there is af firewall rule added to PF in > OpenBSD to route them through the same interface.. But it is not a > problem with majority of the sites. > Perhaps it will be interesting for squid to have an acl called random :- ( is there one already ? ) eg acl rnd random 50 # 50 % tcp_outgoing_address x.x.x.x rnd <--- use x 50 % of time tcp_outgoing_address y.y.y.y rnd < use y 50% of time tcp_outgoing_address z.z.z.z <--- have to provide a default in case nothing is matched And the random acl can be used together with other acl too ! eg acl link1 dst . tcp_outgoing_address x.x.x.x link1 rnd :-)
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
It sounds like a coding project - are you volunteering? :) Adrian On Thu, Nov 22, 2007, Ming-Ching Tiew wrote: > From: "Siju George" <[EMAIL PROTECTED]> > > > > > > But not something I would recommend. Many sites dislikes clients coming > > > from more than one IP during the same session. The client IP is often > > > embedded in session cookies etc, making the session fail if the IP > > > changes. > > > > > > > Yes Henrik. > > Such sites are identified and there is af firewall rule added to PF in > > OpenBSD to route them through the same interface.. But it is not a > > problem with majority of the sites. > > > > Perhaps it will be interesting for squid to have an acl called random :- > > ( is there one already ? ) > > eg > >acl rnd random 50 # 50 % > >tcp_outgoing_address x.x.x.x rnd <--- use x 50 % of time >tcp_outgoing_address y.y.y.y rnd < use y 50% of time >tcp_outgoing_address z.z.z.z <--- have to provide a > default in case nothing is matched > > And the random acl can be used together with other acl too ! > > eg > acl link1 dst . > tcp_outgoing_address x.x.x.x link1 rnd > > :-) > > > > > > > -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
Hi George, Siju George wrote: On Nov 21, 2007 12:21 PM, Tek Bahadur Limbu <[EMAIL PROTECTED]> wrote: Hi George, Siju George wrote: Hi, I have a System with two Internet connections. Is it possible to configure squid to load balance out going internet traffic through those two Internet Connections? To keep things simple, you can just use the "tcp_outgoing_address" parameter in squid.conf. It didn't work :-( I am running OpenSBD and using the route-to option in pf.conf http://www.openbsd.org/faq/pf/pools.html#outgoing I am not familiar with OpenBSD systems. How many network interface cards does this OpenBSD system have? And how is your network setup layout? to load balance Internet connections. It is not multipath routing with two default routes. Why don't you create 2 alias in your network interface pointing to the 2 routers having internet connectivity and then use the "tcp_outgoing_address" parameter? Thanking you... Thank you so much for the response :-) Kind Regards Siju -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu System Administrator (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal http://www.wlink.com.np http://teklimbu.wordpress.com
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
> > On Wed, Nov 21, 2007, Ming-Ching Tiew wrote: > > > As far as I know, you could do "split access" using > > > the 'tcp_outgoing_address' method, but you can't > > > get squid to use it in round-robin manner. > > > > > > I might be wrong. :-) > On ons, 2007-11-21 at 13:50 +0900, Adrian Chadd wrote: > > I don't think there is, but making squid do that with a small source patch > > wouldn't be difficult. On 21.11.07 21:46, Henrik Nordstrom wrote: > But not something I would recommend. Many sites dislikes clients coming > from more than one IP during the same session. The client IP is often > embedded in session cookies etc, making the session fail if the IP > changes. We have squid servers behind L3 switch (balancer) which uses the 'sourcehash' technique for balancing requests because of this reason. Maybe such functionality could be integrated into squid. Or into packetfilter :) -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. There's a long-standing bug relating to the x86 architecture that allows you to install Windows. -- Matthew D. Fuller
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
On Nov 22, 2007 8:33 AM, Ming-Ching Tiew <[EMAIL PROTECTED]> wrote: > From: "Siju George" <[EMAIL PROTECTED]> > > > > > > But not something I would recommend. Many sites dislikes clients coming > > > from more than one IP during the same session. The client IP is often > > > embedded in session cookies etc, making the session fail if the IP > > > changes. > > > > > > > Yes Henrik. > > Such sites are identified and there is af firewall rule added to PF in > > OpenBSD to route them through the same interface.. But it is not a > > problem with majority of the sites. > > > > Perhaps it will be interesting for squid to have an acl called random :- > > ( is there one already ? ) > > eg > >acl rnd random 50 # 50 % > >tcp_outgoing_address x.x.x.x rnd <--- use x 50 % of time >tcp_outgoing_address y.y.y.y rnd < use y 50% of time >tcp_outgoing_address z.z.z.z <--- have to provide a > default in case nothing is matched > > And the random acl can be used together with other acl too ! > > eg > acl link1 dst . > tcp_outgoing_address x.x.x.x link1 rnd > > :-) > If you use the http://www.openbsd.org/faq/pf/pools.html#outgoing method as I use now then even through the outgoing address will be changed for 50% of the packets those same packets will be routed out through the default interface only :-( Thankyou so much kind Regards Siju
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
There is another replacement for load-balancing, known as ClarkConnect. It is a perfect load balancer, firewall, with many other different solutions. Try it... http://www.clarkconnect.com/ -- Thank you, Javed - Original Message From: Siju George <[EMAIL PROTECTED]> To: Ming-Ching Tiew <[EMAIL PROTECTED]> Cc: squid-users Sent: Thursday, November 22, 2007 1:27:11 PM Subject: Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections On Nov 22, 2007 8:33 AM, Ming-Ching Tiew <[EMAIL PROTECTED]> wrote: > From: "Siju George" <[EMAIL PROTECTED]> > > > > > > But not something I would recommend. Many sites dislikes clients coming > > > from more than one IP during the same session. The client IP is often > > > embedded in session cookies etc, making the session fail if the IP > > > changes. > > > > > > > Yes Henrik. > > Such sites are identified and there is af firewall rule added to PF in > > OpenBSD to route them through the same interface.. But it is not a > > problem with majority of the sites. > > > > Perhaps it will be interesting for squid to have an acl called random :- > > ( is there one already ? ) > > eg > >acl rnd random 50 # 50 % > >tcp_outgoing_address x.x.x.x rnd <--- use x 50 % of time >tcp_outgoing_address y.y.y.y rnd < use y 50% of time >tcp_outgoing_address z.z.z.z <--- have to provide a > default in case nothing is matched > > And the random acl can be used together with other acl too ! > > eg >acl link1 dst . >tcp_outgoing_address x.x.x.x link1 rnd > > :-) > If you use the http://www.openbsd.org/faq/pf/pools.html#outgoing method as I use now then even through the outgoing address will be changed for 50% of the packets those same packets will be routed out through the default interface only :-( Thankyou so much kind Regards Siju Be a better pen pal. Text or chat with friends inside Yahoo! Mail. See how. http://overview.mail.yahoo.com/
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
> If you use the > > http://www.openbsd.org/faq/pf/pools.html#outgoing > > method as I use now then even through the outgoing address will be > changed for 50% of the packets those same packets will be routed out > through the default interface only :-( First of all I don't know anything about OpenBSD but we have to know, making squid use a particular tcp_outgoing_address is as much as what we can ask squid to do, actual routing decision should rightfully be left to the OPERATING SYSTEM. In Linux, all these things are addressed :- 1. You can use POLICY ROUTING - one of the capabilities of policy routing is be able to route based on SOURCE IP instead of destination IP. 2. You can use MULTI PATH ROUTING - ie you can start a session based on certain relative weight you assign to a default route. 3. You can also use netfilter 'recent'/CONNMARK match - they allow you to tie a session to an interface for a configurable amount of time. I might not be even exhaustive here. All in all, my conclusion is this :- You really have to look hard to the operating system for this instead of squid. If you have exhausted the capabilities of OpenBSD, you would have to throw it away ! :-)
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
On tor, 2007-11-22 at 13:57 +0530, Siju George wrote: > method as I use now then even through the outgoing address will be > changed for 50% of the packets those same packets will be routed out > through the default interface only :-( There is two related components needed to make multipath routing work properly for hosts connected to multiple ISPs a) You need multi-path balancing support in the routing, balancing the outgoing sessions on the available paths. The primary function of this is to select the proper source IP. b) You need policy routing based on source IP to route already assigned traffic out via the correct ISP. Regards Henrik signature.asc Description: This is a digitally signed message part
Re: [squid-users] load balancing traffic through squid on systems with 2 Internet connections
On tor, 2007-11-22 at 08:19 +0100, Matus UHLAR - fantomas wrote: > We have squid servers behind L3 switch (balancer) which uses the > 'sourcehash' technique for balancing requests because of this reason. Maybe > such functionality could be integrated into squid. Or into packetfilter :) That's a good coding project for some interested volunteer. Extend tcp_outgoing_address with a "sourcehash" selector.. Regards Henrik signature.asc Description: This is a digitally signed message part