Re: [squid-users] Re: squid-users Digest 30 May 2011 21:52:13 -0000 Issue 3813Re: [squid-users] one squid, two subnets, two routes.. HELP!

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 03 Jun 2011 16:48:28 +1200

On 02/06/11 17:29, Roland Roland wrote:
> Thanks for the advice, yes it's on a linux box.
>
> Though i have both IPs coming from the same Router.
> and not connected to a public ISP.
> routing is done on the routers side..
>
> In other terms if i understood your advice correctly i'll do the following:
>
> IPs assigned to Squid box:
>
> 192.168.1.X #primary IP
> 192.168.1.y #secondary IP
>
> Squid:
>
> acl Subnet#1 src 192.168.1.0/24
> acl Subnet#2 src 192.168.2.0/24
> tcp_outgoing_address 192.168.1.x Subnet#1
> tcp_outgoing_address 192.168.1.y Subnet#2
>
> Router:
>
> src Subnet#1 dst ISP#1
> src Subnet#2 dst ISP#2
>
>
> Would the above setup work ?

Yes.

> i've read about a sort of persistent connections problem, any advice
> about that?

tcp_outgoing_address is only determined for new connections in Squid so far.

Persistent connections prevent a flood of TCP handshakes by mutiplexing
requests which are destined to the same server down the same outgoing
TCP link. If a persistent connection is determined as the best source,
you will be "stuck" as it were with the particular outgoing IP that
connection was created with.

You can "server_persistent_connections off". In the modern HTTP/1.1 +
Web/2.0 Internet its not such a good idea though.

>
> Thanks for your help,
>
> --Roland
>
>
>
>> Assuming you are using Linux , first you have to create proper routing
>> table for both ISPs , linking each IP to its gateway. Once you are
>> done with that , you can use tcp_outgoing_address in squid to redirect
>> each subnet is IPs to the proper ISP.
>

The above limit stands. Regardless of whether it is done in the Squid
box or in a router halfway around the world. All Squid can do is use a
particular IP talking to TCP. If routing sends the packets down the
wrong path there is nothing Squid can do.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.12
   Beta testers wanted for 3.2.0.8 and 3.1.12.2
Received on Fri Jun 03 2011 - 04:48:33 MDT

This archive was generated by hypermail 2.2.0 : Fri Jun 03 2011 - 12:00:01 MDT