[squid-users] squid tcp_outgoing_address feature not working

naishal0748 naishal48shah at gmail.com
Wed Apr 15 10:21:15 UTC 2015


Hello,

I received following reply from Amos.

---------------

Welcome to the world of application layer gateways.

There is no guarantee that IPv4 is being used outbound. You may in fact
be using IPv6 to contact servers.
 All that means is that you need to set a WAN1 IPv6 address in a second
tcp_outgoing_address line for the IPv6.


Also be aware the selection of NIC is entirely up to the kernel routing
logics. Older Linux were well-known for their annoying ability to accept
or send from any NIC using any IP assigned to the machine, depending on
whether you had some voodoo setup in the routing config or not. CentOS
uses ancient enough kernels that it probably does not have the bug fixes
for that.

So, double check that Squid is actually sending from 192.168.3.15 like
you expect. If not we can help you a little further to figure out why
and see if that fixes things for you.


One other effect I've seen in action is that NAT on outbound can take
Squids tcp_outgoing_address and change it so the packets go out the
wrong NIC with different IP entirely.


Otherwise its a kernel routing problem, and we probably cant help with that.

-------------------------------

I am actually checking using traceroute from client system , and it is
always showing me 192.168.5.1 default Gateway IP.

If it is getting difficult with squid configurations, please let me know if
it is possible to implement this setup using iptables, so that iptables
directly routes the traffic from specific source towards specific Gateway /
NIC.

Anyhow, basically I want the specific source traffic to go via specific
Gateway.





--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/squid-tcp-outgoing-address-feature-not-working-tp4670741p4670748.html
Sent from the Squid - Users mailing list archive at Nabble.com.


More information about the squid-users mailing list