On 30/04/2012 23:44, Kirk Hoganson wrote:
> I would like to configure our squid proxy (Version 3.0.STABLE19 on Linux
> Ubuntu 10.04) to use a pool of addresses for outgoing connections. I
> setup squid as a transparent proxy using "http_port 3128 transparent" in
> the squid.conf, and then I setup an iptables to provide source nat
> address rotation for the multiple interfaces the proxy has available.
>
> The connections failed when attempting to source nat on the proxy. Would
> this work if I were able to use tproxy instead of transparent on the
> proxy server? Or is there another solution within squid that would allow
> it to rotate through all available interfaces?
>
> Thanks,
> Kirk
if you just need couple of outgoing addresses and not the clients IP
address intercept is fine.(not tproxy)
this kind of LB should be done using the os routing system.
a pool of addresses can be tricky because it can be done using 2 or 200
IP addresses.
i have written some good sample for "multihoming" option that is like
this and just needed to be tweaked a bit.
have a look at:
http://www.squid-cache.org/mail-archive/squid-dev/201204/0019.html
i do remember that something could have been done using iptables also
but it dont remember how it should be done.
what did you tried to do on iptables?
i also found this nice iptables method sample:
http://www.pmoghadam.com/homepage/HTML/Round-robin-load-balancing-NAT.html
Regards,
Eliezer
-- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer <at> ngtech.co.ilReceived on Mon Apr 30 2012 - 22:38:08 MDT
This archive was generated by hypermail 2.2.0 : Tue May 01 2012 - 12:00:05 MDT