Edward wrote:
> I am using acl_map2_outgoing to have squid used a particular IP for
> each subnet. Remember that the subnets are setup on the router
> (cisco) (Do I need two NICs???)
You should almost never connect two NICs to the same lan segment
(physical, not logical subnet.. there may be any number of subnets on
one lan segment). If your router has two networks on the same interface,
then you should do the same on the host by using ip aliases on the NIC.
> When not use (acl_map2_outgoing ), the machine will use its ip
> address!???
When you are not using acl_map2_outgoing or tcp_outgoing_address then
your OS select the IP of the interface your routing table routes the
traffic via on the first packet of the TCP connection.
> Now when used, what is the difference in operations?
The idea is that when you use acl_map2_outgoing Squid should explicitly
select different IP's depending on your acl_map2_outgoing settings,
overriding the automatic IP selection done by the OS.
To be able to do this the IP used in acl_map2_outgoing (or
tcp_outgoing_address if only using one IP) must be an existing IP on the
host where Squid runs.
> When such a reply is made, does information comes back to to the
> "outgoing ip?" "Yes it does"!!!???
TCP always sends replies back to the source IP of the TCP connection. It
would not work otherwise. How the packets gets routed TCP does not care
about, it is a matter of routing tables.
> Good, with that in mind, what would the setup be on the NIC, routing
> and so on?
If your router has two networks on the same interface then one nic with
two networks assigned to it (one main, one alias), just as you do on the
router.
If the router is using different interfaces for each subnet, then you
should need two NICs to connect the host to the two LAN segments.
Routing should be set up to default-route to your router on any of the
two IP's. Which of the two router IP's you default rote to depends on
how you want your OS to automatically assign IP's on connections where
the application has not requested a specific source IP.
> Now if possible routing is setup in the cisco to route to one of the
> subnet containing the caching server, say 1.1.0.4. What will happen to
> the other subnet when squid use that outgoing address from that
> subnet?
Sorry, I do not understand your question. Can you please outline it in
more details?
Routing is routing between things, you cannot route to a subnet.
> Would it keep on getting bounce back?
> cisco-to-cache cache-to-cisco and so forth
If you are doing "transparent" redirection of port 80 to the cache then
you must make sure that any of the IP's the cache may use for outgoing
connections is not redirected back on the cache.
-- Henrik Nordstrom Squid HackerReceived on Sun May 06 2001 - 10:15:10 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:50 MST