RE: [squid-users] Squid virtual ips problem
I believe you need to use tcp_outgoing_address http://www.squid-cache.org/Versions/v3/3.0/cfgman/tcp_outgoing_address.html. Glad you asked this, actually never thought about this, but I think this is also just what I need to solve a problem I have with some websites and our T1 load balancer. By forcing traffic to them through a virtual IP that bypasses the load balancer. This should get the behavior you are after. acl machine1 src 192.168.10.50/32 acl machine2 src 192.168.10.60/32 acl outbound1 myip 192.168.10.2/32 acl outbound2 myip 192.168.10.3/32 tcp_outgoing_address 192.168.10.2 machine1 tcp_outgoing_address 192.168.10.2 outbound1 tcp_outgoing_address 192.168.20.3 machine2 tcp_outgoing_address 192.168.10.2 outbound2 tcp_outgoing_address 192.168.10.1 All requests from 192.168.10.50 60 will go out through 192.168.10.1 3 respectively. Requests made to 192.168.10.2 3 will leave via the address they came in through. Requests made to 192.168.10.1 will go out through 192.168.10.1, using the default rule at the end. I haven't done enough recently with acls in squid to know for sure what rule will take precedence when multiple rules are matched. You may have to change the order of the rules around to make them behave exactly as you want them to. Thanks, Dean Weimer Network Administrator Orscheln Management Co. -Original Message- From: marpel78 [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 20, 2008 11:33 AM To: squid-users@squid-cache.org Subject: [squid-users] Squid virtual ips problem Hi all. I've a big problem with squid and linux box. My server has three ips 192.168.10.1 on eth0 and 192.168.10.2 (virtual eth0:1) 192..168.10.3 (eth0:2). Squid is listening on 192.168.10.1, 2 and 3 port 8080. My problem is that i should like to make a selection based on source ip. If i get a request from 192.168.10.50 i should that squid use 192.168.10.2 to go to internet. If i get a request from 192.168.10.60 i should like squit use 192.168.10.3 to go to internet. But my squid only use its physical address 192.168.10.1 to go to internet also if my clients use 192.168.10.2 or 192.168.10.3 as proxy. I try to use iptables + squid + ip route but it does not work. Any suggestion please?? Thanls -- View this message in context: http://www.nabble.com/Squid-virtual-ips-problem-tp17344754p17344754.html Sent from the Squid - Users mailing list archive at Nabble.com.
RE: [squid-users] Squid virtual ips problem
Dean thank you very much. Your suggest works perfectly. The best perfect and quick response i've never received Thanks again Dean Weimer wrote: I believe you need to use tcp_outgoing_address http://www.squid-cache.org/Versions/v3/3.0/cfgman/tcp_outgoing_address.html. Glad you asked this, actually never thought about this, but I think this is also just what I need to solve a problem I have with some websites and our T1 load balancer. By forcing traffic to them through a virtual IP that bypasses the load balancer. This should get the behavior you are after. acl machine1 src 192.168.10.50/32 acl machine2 src 192.168.10.60/32 acl outbound1 myip 192.168.10.2/32 acl outbound2 myip 192.168.10.3/32 tcp_outgoing_address 192.168.10.2 machine1 tcp_outgoing_address 192.168.10.2 outbound1 tcp_outgoing_address 192.168.20.3 machine2 tcp_outgoing_address 192.168.10.2 outbound2 tcp_outgoing_address 192.168.10.1 All requests from 192.168.10.50 60 will go out through 192.168.10.1 3 respectively. Requests made to 192.168.10.2 3 will leave via the address they came in through. Requests made to 192.168.10.1 will go out through 192.168.10.1, using the default rule at the end. I haven't done enough recently with acls in squid to know for sure what rule will take precedence when multiple rules are matched. You may have to change the order of the rules around to make them behave exactly as you want them to. Thanks, Dean Weimer Network Administrator Orscheln Management Co. -Original Message- From: marpel78 [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 20, 2008 11:33 AM To: squid-users@squid-cache.org Subject: [squid-users] Squid virtual ips problem Hi all. I've a big problem with squid and linux box. My server has three ips 192.168.10.1 on eth0 and 192.168.10.2 (virtual eth0:1) 192..168.10.3 (eth0:2). Squid is listening on 192.168.10.1, 2 and 3 port 8080. My problem is that i should like to make a selection based on source ip. If i get a request from 192.168.10.50 i should that squid use 192.168.10.2 to go to internet. If i get a request from 192.168.10.60 i should like squit use 192.168.10.3 to go to internet. But my squid only use its physical address 192.168.10.1 to go to internet also if my clients use 192.168.10.2 or 192.168.10.3 as proxy. I try to use iptables + squid + ip route but it does not work. Any suggestion please?? Thanls -- View this message in context: http://www.nabble.com/Squid-virtual-ips-problem-tp17344754p17344754.html Sent from the Squid - Users mailing list archive at Nabble.com. -- View this message in context: http://www.nabble.com/Squid-virtual-ips-problem-tp17344754p17349963.html Sent from the Squid - Users mailing list archive at Nabble.com.
