On Wed, 23 Feb 2011 18:06:18 +0530, Senthilkumar wrote:
> Thank you.
>
> When we use tcp_outgoing address and select isp . The all traffic
> seems to be going through the default gateway Ethernet of the squid
> machine and only reply comes through the tcp out going address
> assigned Ethernet.
>
> Eg isp1- eth1(default gateway) isp2-eth2, client- eth0
> In squid.conf
> acl isp1 src172.16.1.48
> acl isp2 src 172.16.1.56 .
> tcp_outgoing address < ip of isp1 > isp1
> tcp_outgoing address < ip of isp2 > isp2
>
> When we browse from client 172.16.1.56 and tcpdump eth1 we can see
> connections are established through eth1 which is supposed to be
> through eth2. But we can see reply comes through the eth2 and also
> whatismyip.com shows ip of isp2. This shows that default gateway isp1
> is used for making all requests so that it is overloaded and the isp2
> is used only for receiving requests.
What Squid is doing is setting the "from"/source IP on the packets.
There is only one channel between squid and the operating system. It is
entirely up to the system routing where those packets go. It sounds to
me like your magic routing setup is not working or not looking at the
source IP of packets coming out of the Squid machine (OUTPUT firewall
chain in iptables if that is any help).
Amos
Received on Wed Feb 23 2011 - 22:15:08 MST
This archive was generated by hypermail 2.2.0 : Fri Feb 25 2011 - 12:00:03 MST