[squid-users] Fwd: Outbound IPv6/128 - Possible ?
Amos Jeffries
squid3 at treenet.co.nz
Sun Apr 8 10:14:21 UTC 2018
On 08/04/18 21:04, kalice caprice wrote:
> Hello,
>
> I'm trying to bound mutiples IPv4:Port entry to a different outbound
> IPv6 this way:
HTTP does not work that way. It is a stateless and multiplexing
protocol. Inbound and outbound connections are independent of each other.
>
> http_port 94.xxx.xxx.204:10001 name=1
> acl ip1 myportname 1
> tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:eb7c:8336 ip1
>
> http_port 94.xxx.xxx.204:10002 name=2
> acl ip2 myportname 2
> tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:096f:b369 ip2
>
> http_port 94.xxx.xxx.204:10003 name=3
> acl ip3 myportname 3
> tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:5fe0:eba8 ip3
>
> etc.
>
> I was not able to get it working, the cache.log is giving me (99) cannot
> assign requested address and fallback to the IPv4 address as an outbound
> address.
1) It is only possible to set an IPv6 outgoing when the server being
connected to is an IPv6 server address.
2) It is only possible for Squid to use an IP address which has been
allocated/assigned to the NIC.
>
> I added the full IPv6 block inside the route -6 just in case, like this:
> ip -6 route add to local 2a01:xxxx:xxxx:xxxx::/64 dev lo
FYI: the lo device is hardware restricted to one machine. It is not
globally routable.
>
> Squid Cache: Version 3.5.23
>
> I coudn't find anyone having the same problem while searching around so
> I'm stuck and looking to know if it's possible or not to do it this way,
> if yes what am I missing ? And if not, is there a way to randomize the
> end part of the last 3 blocks of a /64 and if yes how ?
That is a feature of your system networking stack. Has nothing to do
with Squid. Lookup "Privacy Addressing" in IPv6.
Amos
More information about the squid-users
mailing list