[squid-users] tcp_outgoing_address
Amos Jeffries
squid3 at treenet.co.nz
Thu Apr 16 06:15:12 UTC 2015
On 16/04/2015 5:59 p.m., Alex Samad wrote:
> On 16 April 2015 at 14:54, Amos Jeffries wrote:
>> On 16/04/2015 3:20 p.m., Alex Samad wrote:
>>> :) Living in Australia that has just sign into law meta data
>>> recording. So I am sending some of my traffic OS via a vpn service.
>>>
>>> But I still want some things to go locally, so I was using src ip
>>> address to help my router determine which path to use.
>>>
>>> unfortunately my vpn service doesn't handle IPv6, plus from memory
>>> there is no NAT for ipv6 (last time i looked) so .. I want to allow
>>> ipv6 for somethings but I want to force all traffic for certain site
>>> via the vpn.
>>>
>>>
>>> Unfortunately I might have to just kill all ipv6 ..
>>
>> Your best hope is actually to do the *opposite*.
>>
>> Make IPv6 actually work. You can firewall IPv6 traffic going to the
>> selected set of sites IP ranges, just like you would block them if you
>> didnt want IPv4 connections to go there.
>
> Hmm okay so your saying that squid will try the ipv6 address and if it
> get a tcp reject (icmp), not available it will fail back to ipv4 ?
>
Yes. Well, it will fall back to the next route Squid is aware of. There
may be multiple IPv4 and IPv6 routes being tested.
Amos
More information about the squid-users
mailing list