Re: [squid-users] squid proxy - multiple outgoing IP addresses

From: Cameron Knowlton <cameron_at_igods.com>
Date: Wed, 18 Nov 2009 10:30:57 -0800

Eureka! Finally found the problem, it was with a different setting within Squid (SquidMan, actually)... I've posted my squid.conf below in its entirety in hopes that it might help others.

The line that was messing me up was SquidMan's dynamic allowed client list:

%ALLOWEDHOSTS%

... which is in itself benign. However, I failed to include the 2nd internal IP address within SquidMan's Clients configuration, which prevented it from showing up in the AllowedHosts line.

Totally sweet, thank you for your patience, Amos et al!

Cameron Knowlton

At 10:09 AM -0800 09/11/18, Cameron Knowlton wrote:
>This DOES NOT work:
>
>http_port 24.69.160.243:3128 name=A
>http_port 24.69.177.112:3128 name=B
>
>acl fromA myportname A
>tcp_outgoing_address 24.69.160.243 fromA
>tcp_outgoing_address 24.69.160.243 !all
>
>acl fromB myportname B
>tcp_outgoing_address 24.69.177.112 fromB
>tcp_outgoing_address 24.69.177.112 !all
>
>
>24.69.160.243 sets up just fine, as that's the primary address of the machine. However, the 2nd IP on the machine (24.69.177.112) doesn't work.
>
>I'm losing my mind, why is this so challenging to pull off?! I'm running Squid Version 3.0.STABLE16 (stock on OS X Server 10.5.8), not sure if this is the problem:
>
>Squid Cache: Version 3.0.STABLE16
>configure options: '--prefix=/usr/local/squid' '--enable-delay-pools'
>
>
>Please, someone, help! I'm about to lose a **very large** client because of this inability. Thank you in advance.
>
>Cameron Knowlton

At 12:07 AM +1300 09/11/17, Amos Jeffries wrote:
>Cameron Knowlton wrote:
>>To clarify, I already have the application coded to round robin through a provided list of IP:port combinations, I simply need to get Squid to run on both local IPs.
>>
>>Supplying multiple http_port directives to Squid doesn't seem to do the trick:
>>
>>http_port 24.69.1.2:%PORT%
>>http_port 24.69.1.3:%PORT%
>>
>>I only seem to get Squid to run on 24.69.1.2. :(
>
>Some additional configuration is required:
>
> * an ACL to for each receiving port to match only traffic arriving at that port.
> * tcp_outgoing_addr using those ACL to explicitly set the Squid outbound IP on traffic arriving at a given port.
>
>For example:
>
> http_port 1.2.3.4:3128 name=A
> http_port 1.2.3.5:3128 name=B
>
> acl fromA myportname A
> tcp_outgoing_address 1.2.3.4 fromA
> tcp_outgoing_address 1.2.3.4 !all
>
> acl fromB myportname B
> tcp_outgoing_address 1.2.3.5 fromB
> tcp_outgoing_address 1.2.3.5 !all
>
>
>Amos
>--
>Please be using
> Current Stable Squid 2.7.STABLE7 or 3.0.STABLE20
> Current Beta Squid 3.1.0.14

-- 
Cameron Knowlton
iGods Internet Marketing
cameronk_at_igods.com
P: 250.382.0226
http://www.knowledgevine.net
Received on Wed Nov 18 2009 - 18:31:13 MST

This archive was generated by hypermail 2.2.0 : Wed Nov 18 2009 - 12:00:04 MST