On 12/2/97 2:55 PM, jeff (jeff@summer.lys.com) wrote:
>Hi,
>
>I have one question about the squid.conf.
>I want use one IP address (24.3.145.1) for squid program
>to access Internet and this IP address will not be default gateway IP.
>Would you tell me how to setup ?
>
>I'm using Slackware Linux 2.0.0 and squid 1.1.14
>
>207.207.202.0/24, 24.3.145.0/24 are real Internet IP address
>129.129.202.0/24 is my Intranet IP addresses.
Eek! Please don't pick addresses out of thin air! In this case the
129.129.x.x block belongs to the Paul Scherrer Institute in
Switzerland... I would recommend changing your "intranet" block to an
official intranet address such as the 192.168.x.x block.
>Interface ppp0 will handle another Intranet(129.101.101.0/24).
Once again, the address range 129.101.101.0 belongs to Epoch Networks...
>All the clients are on 207.207.202.0, 129.129.202.0, 129.101.101 sides.
Your subnet allocation for LYS-NET is 207.207.202.128/255.255.255.224,
not 207.207.202.0/255.255.255.0. I would advise that you change that if
you want to avoid problems.
Have squid bind to your @Home IP address for out going connections.
Implement the attached routing table with the 2.0.32 kernel. This is the
important part. Make sure to specify the device when defining both
default routes. The order is important too. The routing table is executed
in a linear fashion with the first match. So, in order to have all of
your traffic go through the router of your choice, it needs to be the
first in the list. I am hoping that squid will bind to the correct
interface along with the correct address...
If this proves not to work, come back and bug me, I'll try to get squid
to bind to the correct ethernet adapter. In the mean time, use @Home's
proxies (no-query & default to make it work, since they use the Non-ICP
aware Netscape caches for political reasons).
(Why you choose not to use Linux IP Masquerading and route all of your
Internet traffic through @Home, I don't know...)
I would recommend the following routing table:
(With comments starting with a #)
Kernel routing table
Destination Gateway Genmask Flags MSS Window Use
Iface
207.207.202.137 * 255.255.255.255 UH 1500 0 0
dummy1
207.207.202.136 * 255.255.255.255 UH 1500 0 0
dummy2
207.207.202.143 * 255.255.255.255 UH 1500 0 0
dummy4
207.207.202.141 * 255.255.255.255 UH 1500 0 0
ppp0
# Your offocial Internet Block, note the correct subnet!
207.207.202.128 * 255.255.255.224 U 1500 0 0
eth0
# Safe Intranet Block
192.168.1.0 * 255.255.255.0 U 1500 0 0
eth1
# @Home's Network, you might want to verify with @Home on what the correct
# subnet is for your area. In Fremont California, it's 255.255.240.0, but
it
# could be anything over in New Jersy where you live.
24.3.145.0 * 255.255.240.0 U 1500 0 0
eth2
127.0.0.0 * 255.0.0.0 U 3584 0 0 lo
# the default, default router
default 207.207.202.129 * UG 1500 0 0
eth0
# the default router for apps bound to this interface
default 24.3.145.1 * UG 1500 0 0
eth2
>Current routing table
>
>Kernel routing table
>Destination Gateway Genmask Flags MSS Window Use Iface
>207.207.202.137 * 255.255.255.255 UH 1500 0 0
>dummy1
>207.207.202.136 * 255.255.255.255 UH 1500 0 0
>dummy2
>207.207.202.143 * 255.255.255.255 UH 1500 0 0
>dummy4
>207.207.202.141 * 255.255.255.255 UH 1500 0 1 ppp0
>207.207.202.0 * 255.255.255.0 U 1500 0 30 eth0
>129.129.202.0 * 255.255.255.0 U 1500 0 19 eth1
>24.3.145.0 * 255.255.255.0 U 1500 0 37 eth2
>127.0.0.0 * 255.0.0.0 U 3584 0 35 lo
>default 24.3.145.1 * UG 576 0 513 eth2
>
>
>
>New routing table
>
>Kernel routing table
>Destination Gateway Genmask Flags MSS Window Use Iface
>207.207.202.137 * 255.255.255.255 UH 1500 0 0
>dummy1
>207.207.202.136 * 255.255.255.255 UH 1500 0 0
>dummy2
>207.207.202.143 * 255.255.255.255 UH 1500 0 0
>dummy4
>207.207.202.141 * 255.255.255.255 UH 1500 0 1 ppp0
>207.207.202.0 * 255.255.255.0 U 1500 0 30 eth0
>129.129.202.0 * 255.255.255.0 U 1500 0 19 eth1
>24.3.145.0 * 255.255.255.0 U 1500 0 37 eth2
>127.0.0.0 * 255.0.0.0 U 3584 0 35 lo
>default 207.207.202.129 * UG 576 0 513 eth0
>
>
>Many thanks
>
>Jeff Liao
>
>mailto: jeff@lys.com
>
>
----------------------------------------------------------------------
Dave Zarzycki Student
Intern San Jose State University
Apple Computer, Inc. dzarzyck@email.sjsu.edu
zarzycki@apple.com zarzycki@ricochet.net
----------------------------------------------------------------------
PGP Fingerprints (RSA): 8AF2 1040 8A9C D025 47BE 70DD A51C C887
DSS/Diffie-Hellman: CB9E 2621 B4BA 3F96 3516 B312 15B4 D842 3809 EF99
Contact pgpkeys.mit.edu for my public keys.
Received on Tue Dec 02 1997 - 17:00:51 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:37:49 MST