[squid-users] multiple instances with different outgoing addresses and 2x external nics

Antony Stone Antony.Stone at squid.open.source.it
Thu Sep 22 08:51:37 UTC 2016 

On Thursday 22 Sep 2016 at 06:47, Drikus Brits wrote:

> HI Experts,
> 
> I'm struggling to get squid to work the way i need it to.
> 
> My setup :
> 
> 1x Server : Ubuntu 14
> 3x Interfaces : 1x Inside ( 192.168.100.10 ) 2x Outside connected to DSL
> (1st = 10.0.0.2, 2nd 10.0.1.2)
> 2x default routes : 1x for each DSL link

Have you configured IProute2 or similar to use both "default" routes?

If not, and you have simply told the Linux kernel that there are two default 
routes, it will only use the first one.

> Management uses proxy address : 192.168.100.10 3128
> All else uses address : 192.168.100.10 3129
> 
> Both instances have their own configuration file and squid starts both
> instances without issues. the mngt instance is configured to use
> tcp_outgoing_address : 10.0.0.2 and all_else instance configured to use
> tcp_outgoing_address : 10.0.1.2, but when i test a website that reveals
> your outside IP, it always seems to only go out via the 1 DSL network
> and not the other.

If you have simply told the Linux kernel that there are two default routes, it 
will only use the first one.

> If i remove the default route to DSL1, then both instances works via
> DSL2. My thoughts was that if the outgoing_address is 10.0.0.2 it should
> go out via DSL1 and if outgoing_address is 10.0.1.2 it should go via
> DSL2.

Sounds very much like you need to configure IProute2 to use both paths.  Look 
up LARTC for documentation.

> If it try to use an outgoing address that is not the IP of the
> configured eth interface, then it complains about binding issues.

Well, yes.

> I'm not using any firewalls of sorts to manipulate routing at this
> stage. I really would prefer to use 1x VM (squid) instead of 2 seperate
> VMs running squid...
> 
> Any suggestions?

See above :)


Antony.

-- 
"The future is already here.   It's just not evenly distributed yet."

 - William Gibson

                                                   Please reply to the list;
                                                         please *don't* CC me.

More information about the squid-users mailing list