Res: [squid-br] tcp_outgoing_address com dois links balanceados, funciona?

[Thiago Andrighetti]

Não querendo abusar mas ja abusando, qual seria o conteudo dos seus
arquivos squid_mime.rota_b e squid_files.rota_b?
 --
Thiago Andrighetti
Analista de Suporte em Software Livre
e Programador
www.thiagoapadua.com.br (Técnico)
aaventuradaescrita.blogspot.com (Hobby literário)




________________________________
De: Alexsandro <alexsan...@nerdz-x.com>
Para: squid-br@yahoogrupos.com.br
Enviadas: Sexta-feira, 4 de Junho de 2010 8:49:32
Assunto: Re: [squid-br] tcp_outgoing_address com dois links balanceados, 
funciona?

  
Dica: para fazer meu squid funcionar com dois links fiz o seguinte esquema:

## -> squid

################################################
##### Downloads de Arquivos no Link 2 #####
################################################
#
acl mime rep_mime_type -i "/router/sys/etc/squid_mime.rota_b"
acl arquivos urlpath_regex -i "/router/sys/etc/squid_files.rota_b"

http_access deny forbid
http_access allow localhost
http_access allow redelocal

tcp_outgoing_address ip_do_link_b mime
tcp_outgoing_address ip_do_link_b arquivos
tcp_outgoing_address ip_do_link_a all

#-> fim do squid

#-> variaveis

GW_LINK1 = gateway do link1
GW_LINK2 = gateway do link2

IF_LINK1 = dev do link ex eth0 ou ppp0
IF_LINK2 = dev do link ex eth1 ou ppp1
IF_WIFI = dev do link dos meus clientes

IP_DO_LINK1 = ip da interface do primeiro link de saida da internet
IP_DO_LINK2 = ip da interface do segundo link de saida da internet

#-> firewall
route add default gw $GW_LINK1

iptables -t mangle -I PREROUTING -i $IF_WIFI -p tcp --dport 80 -j MARK 
--set-mark 1
iptables -t mangle -I PREROUTING -i $IF_WIFI -p tcp --dport 53 -j MARK 
--set-mark 1
iptables -t mangle -I PREROUTING -i $IF_WIFI -p udp --dport 53 -j MARK 
--set-mark 1
iptables -t mangle -I PREROUTING -i $IF_WIFI -p tcp --dport 443 -j MARK 
--set-mark 1

iptables -t mangle -I PREROUTING -i $IF_WIFI -j MARK --set-mark 2

iptables -t mangle -I OUTPUT -p tcp --dport 80 -j MARK --set-mark 1
iptables -t mangle -I OUTPUT -p tcp --dport 53 -j MARK --set-mark 1
iptables -t mangle -I OUTPUT -p udp --dport 53 -j MARK --set-mark 1
iptables -t mangle -I OUTPUT -p tcp --dport 443 -j MARK --set-mark 1

#aqui se encontra o pulo do gato!
iptables -t mangle -A OUTPUT -s IP_DO_LINK1 -j MARK --set-mark 1
iptables -t mangle -A OUTPUT -s IP_DO_LINK2 -j MARK --set-mark 2
#
#--> iproute2

ip rule add fwmark 1 table link1 prio 20
ip rule add fwmark 2 table link2 prio 20

ip route add default via $GW_LINK1 dev $IF_LINK1 table link1
ip route add default via $GW_LINK2 dev $IF_LINK2 table link2

ip route flush cache
ip route flush table cache

#