Re: [squid-users] tcp_outgoing_address problem, pls help!

From: Rosen Petkov <sense_net@dont-contact.us>
Date: Sat, 08 Jun 2002 22:21:10 +0300 (EEST)

Henrik Nordstrom <hno@marasystems.com> wrote:

> This smells like a routing problem rather than a Squid problem. Squd
> can only control which IP address it will select for connections
> Squid makes, not how traffic will be routed.

  I think this can't be routing problem because I setup route for
172.xxx.xxx.xxx with iproute2 to go always to ppp0 (VPN):

/etc/ppp/ip-up
ip rule add from 172.xxx.xxx.xxx table VPN
ip route add default via $5 dev $1 table VPN
ip route flush cache

wich means, all packets from 172.xxx.xxx.xxx to go always through
ppp0 (VPN). I need this because answers to request originated form
172.xxx.xxx.xxx are returned to my linux box via one-way satellite
(DVB). Is there a method of checking whether Squid always use
172.xxx.xxx.xxx instead of 62.xxx.xxx.xxx?

>
> Normally there is no need to use tcp_outgoing_address, as in 99% of
> all correct host setups the host OS will pick the correct IP address.
> This is true even in precense of VPN connections.
>
I need it, because I want all answers to requests from Squid to be
returned via satellite instead of my default route.

> Only if you want Squid to behave differently than other traffic
> initiated by your host you need to set tcp_outgoing_address.
>
All is setup corectly, but I can't understand why some (for now 3)
sites answers to Squid (first request from Squid are through VPN)
directly via my default route (eth1) instead to VPN?

  Another problem that I have is: Squid didn't resume files
both from http or ftp sites, where can I look to solve this problem?
How can I tell Squid always to use passive mode for FTP ?

  Best Regards,
              / R. Petkov /

> Regards
> Henrik
>
>
> On Saturday 08 June 2002 15:51, Rosen Petkov wrote:
> > Hello All,
> >
> > I have problem with Squid tcp_outgoing_address: I can access
> > Internet in two ways, directly from eth1 (default gateway) and
> > through VPN server that is located far away from me and is accessed
> > through VPN over Internet. I have setup Squid correcty and is
> > working fine except for some sites. I have - tcp_outgoing_address
> > 172.xxx.xxx.xxx in squid.conf but for some sites Squid makes first
> > request to destination web server through VPN and then all data
> > exchanged between Squid and destination web server is directly
> > through eth1 (default gateway) not over VPN. Can someone give me
> > advise how to setup Squid always to use VPN and not to use eth1
> > (default gateway) for exchanging data with web servers.
>
>

__________________________________
12MB-POP3-WAP-SMS---TOBA-E-mail.bG
----------------------------------

" Ako uckame u Bue agpec B mail.bg
ugeme myk: http://www.mail.bg/new/ "
Received on Sat Jun 08 2002 - 16:08:08 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:37 MST