[squid-users] squid-users Digest, Vol 44, Issue 8

kalice caprice kalicecaprice at gmail.com
Sun Apr 8 12:48:42 UTC 2018


> 1) It is only possible to set an IPv6 outgoing when the server being
> connected to is an IPv6 server address.

It doesn't matter for me, It is just a way to get a different outbound IPv6
address depending on which port the connection is made to, and both clients
and servers has IPv6.
I saw a few threads here asking for more or less the same thing except that
I'm specifying the full address instead of implicit addressing to the
outbound, this is where I'm stuck.

> 2) It is only possible for Squid to use an IP address which has been
> allocated/assigned to the NIC.

The NIC is a network card if I understood it right. The IPv6 /64 subnet is
added to the main interface and the gateway is aswell, IPv6 is fully
working on the server.

> FYI: the lo device is hardware restricted to one machine. It is not
> globally routable.

I really don't know what I should do then... My network knowledges is
somewhat limited as you may have seen. I'd appreciate any help.

2018-04-08 14:00 GMT+02:00 <squid-users-request at lists.squid-cache.org>:

> Send squid-users mailing list submissions to
>         squid-users at lists.squid-cache.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://lists.squid-cache.org/listinfo/squid-users
> or, via email, send a message with subject or body 'help' to
>         squid-users-request at lists.squid-cache.org
>
> You can reach the person managing the list at
>         squid-users-owner at lists.squid-cache.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of squid-users digest..."
>
>
> Today's Topics:
>
>    1. Fwd: Outbound IPv6/128 - Possible ? (kalice caprice)
>    2. Re: Fwd: Outbound IPv6/128 - Possible ? (Amos Jeffries)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sun, 8 Apr 2018 11:04:33 +0200
> From: kalice caprice <kalicecaprice at gmail.com>
> To: squid-users at lists.squid-cache.org
> Subject: [squid-users] Fwd: Outbound IPv6/128 - Possible ?
> Message-ID:
>         <CAAvX7kNoGVb4Bp8zGchAe4xCumQhWDs92D-aXxurBVMxB43qgw at mail.
> gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Hello,
>
> I'm trying to bound mutiples IPv4:Port entry to a different outbound IPv6
> this way:
>
> http_port 94.xxx.xxx.204:10001 name=1
> acl ip1 myportname 1
> tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:eb7c:8336 ip1
>
> http_port 94.xxx.xxx.204:10002 name=2
> acl ip2 myportname 2
> tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:096f:b369 ip2
>
> http_port 94.xxx.xxx.204:10003 name=3
> acl ip3 myportname 3
> tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:5fe0:eba8 ip3
>
> etc.
>
> I was not able to get it working, the cache.log is giving me (99) cannot
> assign requested address and fallback to the IPv4 address as an outbound
> address.
>
> I added the full IPv6 block inside the route -6 just in case, like this:
> ip -6 route add to local 2a01:xxxx:xxxx:xxxx::/64 dev lo
>
> Squid Cache: Version 3.5.23
>
> I coudn't find anyone having the same problem while searching around so I'm
> stuck and looking to know if it's possible or not to do it this way, if yes
> what am I missing ? And if not, is there a way to randomize the end part of
> the last 3 blocks of a /64 and if yes how ?
>
> Thanks!
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.squid-cache.org/pipermail/squid-users/
> attachments/20180408/3ea91246/attachment-0001.html>
>
> ------------------------------
>
> Message: 2
> Date: Sun, 8 Apr 2018 22:14:21 +1200
> From: Amos Jeffries <squid3 at treenet.co.nz>
> To: squid-users at lists.squid-cache.org
> Subject: Re: [squid-users] Fwd: Outbound IPv6/128 - Possible ?
> Message-ID: <d1dfe39b-84c6-70ef-cb5d-8e6062a48826 at treenet.co.nz>
> Content-Type: text/plain; charset=utf-8
>
> On 08/04/18 21:04, kalice caprice wrote:
> > Hello,
> >
> > I'm trying to bound mutiples IPv4:Port entry to a different outbound
> > IPv6 this way:
>
> HTTP does not work that way. It is a stateless and multiplexing
> protocol. Inbound and outbound connections are independent of each other.
>
> >
> > http_port 94.xxx.xxx.204:10001 name=1
> > acl ip1 myportname 1
> > tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:eb7c:8336 ip1
> >
> > http_port 94.xxx.xxx.204:10002 name=2
> > acl ip2 myportname 2
> > tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:096f:b369 ip2
> >
> > http_port 94.xxx.xxx.204:10003 name=3
> > acl ip3 myportname 3
> > tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:5fe0:eba8 ip3
> >
> > etc.
> >
> > I was not able to get it working, the cache.log is giving me (99) cannot
> > assign requested address and fallback to the IPv4 address as an outbound
> > address.
>
> 1) It is only possible to set an IPv6 outgoing when the server being
> connected to is an IPv6 server address.
>
> 2) It is only possible for Squid to use an IP address which has been
> allocated/assigned to the NIC.
>
>
> >
> > I added the full IPv6 block inside the route -6 just in case, like this:
> > ip -6 route add to local 2a01:xxxx:xxxx:xxxx::/64 dev lo
>
> FYI: the lo device is hardware restricted to one machine. It is not
> globally routable.
>
>
> >
> > Squid Cache: Version 3.5.23
> >
> > I coudn't find anyone having the same problem while searching around so
> > I'm stuck and looking to know if it's possible or not to do it this way,
> > if yes what am I missing ? And if not, is there a way to randomize the
> > end part of the last 3 blocks of a /64 and if yes how ?
>
> That is a feature of your system networking stack. Has nothing to do
> with Squid. Lookup "Privacy Addressing" in IPv6.
>
> Amos
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
>
> ------------------------------
>
> End of squid-users Digest, Vol 44, Issue 8
> ******************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180408/d6ccde7d/attachment.html>


More information about the squid-users mailing list