On 7/05/2013 3:59 a.m., Joel Chen wrote:
I have a simple CentOS 6.4 server setup with 2 NICs, eth1 hooks to the
Cable Modem, eth2 hooks to the internal network at 10.10.10.1 and is
NATed.  I setup squid3 using the default config file and modified the
few items such as localnet IP etc, and then point the browser on a
machine connected to the 10.xxx network to use squid, but I can't get
anything until I added a tcp_outgoing_address eth1_ip_address entry to
squid config.  Otherwise Squid returned connection failed error.  I
looked around many tutorials and examples and it seems others don't
need tcp_outgoing_address unless they want to do some kind of
balancing etc.

I have no trouble reaching outside on my server with other programs,
such as the browser.  So I wonder how squid is working for others
without the tcp_outgoing_address while it doesn't work on my setup.
What enables squid to be able to reach the outside using the IP that's
connected to the NATed LAN?

Squid is just like any other software, it opens a socket and lets the OS decide what IP address to send from (usually the box pimary address). The OS routing systems then take over and decide how the packet will reach the destination Squid was connecting to.

For that to go wrong you have to have broken the OS packet routing systems. You said NAT was in use, so there and the routing table are the places to look. Please contact your OS firewall vendor for more help. This is nothing to do with Squid.

Amos

Reply via email to