[squid-users] tcp_outgoing_address
Alex Samad
alex at samad.com.au
Thu Apr 16 02:33:57 UTC 2015
Hi
Is there any way to make some sites to be access only via ipv4 ? So
even if there is a ipv6 address I reject it
Thanks
Alex
On 15 April 2015 at 19:52, Amos Jeffries <squid3 at treenet.co.nz> wrote:
> On 15/04/2015 8:32 p.m., Alex Samad wrote:
>> Hi
>>
>> I have squid-3.5.2-2.el6.x86_64 on centos 6.6
>>
>> I am trying to direct certain destinations from certain ip addresses
>>
>>
>> acl viaTest dstdomain .abc.com
>>
>> tcp_outgoing_address 192.168.11.11 viaTEst
>>
>> This works well for
>>
>> www.abc.com and test.abc.com when they resolve to ipv4 addresses
>> but when they resolved to ipv6 it fails :(
>
> Because 192.168.11.11 is not an IPv6 address. Squid cannot use it to
> contact *.abc.com over IPv6.
>
> Configure a tcp_outgoing_address line with an IPv6 address to handle the
> IPv6 connections.
>
>
>>
>> so I tried added
>>
>> dns_v4_first on
>>
>> but it doesn't seem to help :(
>>
>> So am i right in presuming that because the name resolution happens
>> first and because it goes to IPv6 it will not going out with a src of
>> 192.168.11.11
>>
>> why doesn't the ipv4 first flag work ?
>
> All that does is tell Squid to sort the DNS results so that it tries the
> IPv4 connections before the IPv6 ones. It will greatly reduce the amount
> of IPv6 outbound traffic, but still allow IPv6 to be used for
> destinations that need it.
>
> * For any site which is IPv4-only or IPv6-only it has no effect.
>
> * For any site whose IPv4 connectivity is broken or overloaded, the IPv6
> routes will be attempted at some point anyway.
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list