Re[2]: [squid-users] Two Links from Sergey A. Kobzar on 2007-05-07 (squid-users)

From: Sergey A. Kobzar <ksa@dont-contact.us>
Date: Mon, 7 May 2007 22:17:04 +0300

Hello Fabio,

You must bind Squid to interface which is connected to link2 and use
PBR (policy-based routing) based on src address.

How to do this is question to other mailing lists.
Short answer - use iptables + iproute2.

Google will help you:
http://www.wlug.org.nz/SourceBasedRouting
http://answers.google.com/answers/threadview?id=274082
for example.

Good luck ;)

Monday, May 7, 2007, 9:30:27 PM, you wrote:

> Hi... i tryed it... the default gw of my squid BOX is 192.168.2.252
> and my other link is 192.168.1.1 and the i set the
> tcp_outgoing_address to 192.168.1.1...

> but when i try to open any site i get it...
> The following error was encountered:

> Socket Failure
> The system returned:

> (99) Cannot assign requested address

> My routing table is

> 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
> 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
> 0.0.0.0 192.168.2.252 0.0.0.0 UG 0 0 0 eth0

> Do i need to configure something else in squid box??

> Regards,

> Fabio

> On 5/7/07, Fabio Silva <fssilva@gmail.com> wrote:
>> Hi, the os is a OpenSuse, and i have no firewall in this machine...
>>
>> The tcp_outgoing_address solve this problem??
>>
>> The tcp_outgoing_address is the address of the router of link2?
>>
>> Regards,
>>
>>
>> On 5/7/07, K K <kkadow@gmail.com> wrote:
>> > On 5/7/07, Fabio Silva <fssilva@gmail.com> wrote:
>> > > Hi all, i need to configure a squid server in a machine but i need to
>> > > send the traffic of squid to another link!
>> > >
>> > > link1 link2
>> > > squid BOX
>> > >
>> > > The link1 is the default GW of the network but i need to send the
>> > > traffic to the link2...
>> >
>> > What is the host OS? Are you using PF or some other host packet-filter?
>> >
>> > If you do not need failover to link1, the solution could be as simple
>> > as setting tcp_outgoing_address in squid.conf to be the local IP for
>> > the interface towards link2, and then, if necessary, using
>> > source-based routing in the kernel/packet filter or in a router to
>> > force traffic showing this source IP to always go out via link2.
>> >
>> > Kevin
>> >
>>
>>
>> --
>> Fabio S. Silva
>>

-- 
Best regards,
 Sergey                            mailto:ksa@uaic.net

Received on Mon May 07 2007 - 13:17:11 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:04 MDT