Re: [squid-users] squid proxy - multiple outgoing IP addresses

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 17 Nov 2009 00:00:43 +1300

Cameron Knowlton wrote:
> I think I'm more confused than ever.
>
> I have 2 IP addresses on my computer, running over a single ethernet interface (EN0). I need to balance http GET requests coming from my machine across those 2 IP addresses, such that the remote server (let's call it coolstuff.com) sees the requests as coming from 2 different IPs.
>
> How can I configure Squid to do so?

tcp_outgoing_addr is the only way to determine the Squid sending IP via
squid.conf.

tcp_outgoing_tos can send additional hints for the OS to use in its
routing logic. But is only a hint. The routing logic needs additional
configuration to use it.

>
> thanks for your help,
> Cameron Knowlton
>
>
> At 3:37 PM +1300 09/11/16, Amos Jeffries wrote:
>> One thing I think needs to be made clear balance_on_multiple_ip ONLY makes
>> squid select different remote serve IPs from the DNS results of looking up
>> that domain name per-request. It does nothing towards the OS selection of
>> Squids' outgoing IP.
>>
>> For example; say example.com has 2 IPs (*.1 and *.2). With that setting
>> turned on.
>> Squid fetch http://example.com/ from *.1.
>> A second client request for http://example.com will fetch from *.2
>> instead.
>> A third client request will fetch from *.1, etc etc.
>>
>> Squids outgoing IP will be the system default for all three+ requests.

Hm, re-reading I see this was a badly worded example. As bad as the text
it was meant to explain. Sorry :(

This might be more expressive...

Imagine:
  Squid box has IPs (1.1.1.1 and 1.1.1.2)
  Web Server has IPs (10.1.2.3 and 10.1.2.4)

"balance_on_multiple_ip on" causes this:

  Client #1 -> Squid (1.1.1.1) -> Web Server (10.1.2.3)
  Client #2 -> Squid (1.1.1.1) -> Web Server (10.1.2.4)
  Client #3 -> Squid (1.1.1.1) -> Web Server (10.1.2.3)
  Client #4 -> Squid (1.1.1.1) -> Web Server (10.1.2.4)
  ...

instead of this:

  Client #1 -> Squid (1.1.1.1) -> Web Server (10.1.2.3)
  Client #2 -> Squid (1.1.1.1) -> Web Server (10.1.2.3)
  ...

Better?

Amos

>>
>> On Mon, 16 Nov 2009 10:09:29 +0800, "Network Administrator"
>> <admin_at_sscrmnl.edu.ph> wrote:
>>> Hi Cameron,
>>>
>>> You could try it on the kernel level, theres a good howto (lartc.org) on
>>> multiple internet connection (a crude but effective load balancing
>> style).
>>> Cheers,
>>>
>>> Nats
>>>
>>> -----Original Message-----
>>> From: Cameron Knowlton [mailto:cameron_at_igods.com]
>>> Sent: Monday, November 16, 2009 8:16 AM
>>> To: squid-users_at_squid-cache.org
>>> Subject: Re: [squid-users] squid proxy - multiple outgoing IP addresses
>>>
>>> Thanks, Landy, this looks like great information.
>>>
>>> I'm not running a load balanced machine, so I'm guessing this won't work
>>> for
>>> me? I have multiple IPs on the same ethernet interface:
>>> 24.69.1.2
>>> 24.69.1.3
>>>
>>> I'm trying to run the proxy on port 8080 over both of those local IPs.
>>>
>>> Soon, I may opt for a load balanced machine at my new installation, but
>> I
>>> need to overcome my initial proof of concept with the single interface.
>>>
>>> I feel close, can anyone point me in the right direction?
>>>
>>> thanks much,
>>> cameron knowlton
>>>
>>>
>>> At 7:00 AM -0800 09/11/14, Landy Landy wrote:
>>>> I´m running a squid server on a load balance machine with two dsl lines
>>> with
>>>> balance_on_multiple_ip on
>>>>
>>>> option and it work flawlessly.
>>>>
>>>>
>>>> --- On Fri, 11/13/09, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
>>>>
>>>>> From: Amos Jeffries <squid3_at_treenet.co.nz>
>>>>> Subject: Re: [squid-users] squid proxy - multiple outgoing IP
>> addresses
>>>>> To:
>>>>> Cc: squid-users_at_squid-cache.org
>>>>> Date: Friday, November 13, 2009, 7:21 PM
>>>>> Cameron Knowlton wrote:
>>>>>> I'm trying to configure Squid to run over multiple IP
>>>>> addresses. I found the following configuration code that
>>>>> supposedly manages the task, but I can't seem to get it
>>>>> working:
>>>>>> acl ip1 myip 24.69.1.2
>>>>>> acl ip2 myip 24.69.1.3
>>>>>> tcp_outgoing_address 24.69.1.2 ip1
>>>>>> tcp_outgoing_address 24.69.1.3 ip2
>>>>> The above depends on what your http_port and/or https_port
>>>>> settings are. And what IPs are assigned to the machine.
>>>>>
>>>>> NP: myip ACL type does not work reliably on interception
>>>>> proxies. Only of regular forward-proxies and
>>>>> reverse-proxies.
>>>>>
>>>>> Amos
>>>>> -- Please be using
>>>>> Current Stable Squid 2.7.STABLE7 or 3.0.STABLE20
>>>>> Current Beta Squid 3.1.0.14
>>>>>
>>>
>>> --
>>> Cameron Knowlton
>>> iGods Internet Marketing
>>> cameronk_at_igods.com
>>> P: 250.382.0226
>>> http://www.knowledgevine.net
>>>
>>> ---------------------------------------------------
>>> This message is solely intended to the person(s)
>>> indicated on the header and has been scanned for
>>> viruses and dangerous content by MailScanner. If
>>> any malware detected on this transmission, please
>>> email the postmaster at admin_at_sscrmnl.edu.ph.
>>>
>>> Providing Quality Catholic Education for the Masses
>>> for more info visit us at http://www.sscrmnl.edu.ph
>>>
>>> __________ Information from ESET NOD32 Antivirus, version of virus
>>> signature
>>> database 4610 (20091115) __________
>>>
>>> The message was checked by ESET NOD32 Antivirus.
>>>
>>> http://www.eset.com
>>>
>>>
>>>
>>>
>>> __________ Information from ESET NOD32 Antivirus, version of virus
>>> signature
>>> database 4610 (20091115) __________
>>>
>>> The message was checked by ESET NOD32 Antivirus.
>>>
>>> http://www.eset.com
>>>
>>>
>>>
>>> ---------------------------------------------------
>>> This message is solely intended to the person(s)
>>> indicated on the header and has been scanned for
>>> viruses and dangerous content by MailScanner. If
>>> any malware detected on this transmission, please
>>> email the postmaster at admin_at_sscrmnl.edu.ph.
>>>
>>> Providing Quality Catholic Education for the Masses
>>> for more info visit us at http://www.sscrmnl.edu.ph
>
>

-- 
Please be using
   Current Stable Squid 2.7.STABLE7 or 3.0.STABLE20
   Current Beta Squid 3.1.0.14
Received on Mon Nov 16 2009 - 11:01:27 MST

This archive was generated by hypermail 2.2.0 : Mon Nov 16 2009 - 12:00:04 MST