[squid-users] Squid + IPv6

IAPS Security Services, Ltd. jared at iaps.pro
Tue May 16 19:21:23 UTC 2017

Greetings All,

First time poster to the list, long time squid user.

I have an issue I've come across and I'm greatful if the community can
suggest ideas here. I've recently deployed squid for Windows from
Diladele (http://squid.diladele.com/) and they said to bring my issue to
the mail list.

Here goes:

Squid requires each individual ip to be put on the network card instead
of being permitted to use a cidr annotation for dedicated ip's. There is
a 128 ip limit for squid by default. This limit can be removed for linux
machines by re-compiling and adjusting the limits. In the ipv6
deployment that I'm trying to create, I need much more than 128 ip's.

There are no instructions, at least none that I could find in a basic
google search, on how to increase this limit on a windows deployment.
With ipv6 ip's I'm setting up individual ipv6's per squid acl's so that
users have access to specific ipv6 proxies. Only issue I have is the 128
ip limit imposed by default. Now when you have access to an ipv6 /29
range 128 usable ip's is a drop in the bucket and I'd need the ability
to have squid to use thousands of ipv6 ip addresses on demand. The first
128 work fine, but when adding the 129th, the entirety of squid
immediately stops working. The acl that I'm using looks like this:

acl ip1 myip 2axx:xxxx:285::1
tcp_outgoing_address 2axx:xxxx:285::1 ip1

acl ip2 myip 2axx:xxxx:285::2
tcp_outgoing_address 2axxxx:xxxx:285::2 ip2

How can I compile squid for windows to get around the 128 ip limit imposed?

Best Regards,

Jared Twyler

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170516/78bb0ce9/attachment.sig>

More information about the squid-users mailing list