[squid-users] need outgoing addresses without duplication over big pool of addresses

Eliezer Croitoru eliezer at ngtech.co.il
Mon Feb 5 03:05:26 UTC 2018


Hey Ahmad,

What you need is a router\nat proxy that can do this for you.
Squid alone cannot do that.
If you really need such a thing you will need to write a router which supports tproxy and will be the edge of your squid or another proxy.
What can do in another way is to write a backend proxy that intercepts the connections and hands them over to the local squid instance with a PROXY protocol enabled and this will force squid to fake the outgoing address of the "client" that the backend states the client is.
It's not simple to handle but with enough knowledge it is possible.
I know it works for IPv4 but I think that Squid-Cache yet to support the PROXY protocol with IPv6.
If ineed squid supports IPv6 then it's doable but I believe you will need another software then Squid-Cache which will be customized only for your requirement.

All The Bests,
Eliezer

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il



-----Original Message-----
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of --Ahmad--
Sent: Sunday, February 4, 2018 11:53
To: squid-users at squid-cache.org
Subject: [squid-users] need outgoing addresses without duplication over big pool of addresses

Hello Folks .

I’m trying to deploy squid with IPV6 solution that can give me outgoing address without any duplication .

say i have 10 millions of ip addresses on server ( IPV6 addresses ) /64 subnet .

and i have single port as back connect that will rotate the eternal ip address from that list of addresses for each request 


I’m aware of squid random acl but there is like 1.5 % duplication over 1 hour  which i guess its normal behaviour for rotation random protocol .

my question is  :

what options in squid ACL or random algorithm that can randomise each request without any kind of duplication .

is there a way that we let squid on each request have outgoing address in sequence way .

say i have 10 millions of ips

and if i i made 10 millions of request i have 10 million non duplication outgoing address ?

plz let me know if this can be done from squid 

or  other tools like HA
or operation system itself .

i was searching BTW about NAT66 but couldn’t find any way to make NAT from IPV6 to other IPV6 

i know No nat needed with IPV6 , but i found new kernels do support MASQ in IPV6 Nat .

lets hope we have great discussion and best practise on achieving the goal above .


cheers 
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users



More information about the squid-users mailing list