[squid-users] How to make squid use ipv4 only for connecting to websites
rs-squid at lists.microscopium.de
Fri Oct 18 14:17:51 UTC 2019
I am running squid on a dual stacked host. Both ipv4 and ipv6
connectivity is fully functional.
Now there's a group of clients that should be configured to load
websites via ipv4 only.
acl proxy-extra localip fd10:96e4:b552::43
acl proxy-extra localip 172.16.4.243
I know there's an acl that can be used to identify ipv6 destinations.
acl to_ipv6 dst ipv6
I tried to block outgoing ipv6 with
always_direct deny to_ipv6
but that makes dual stacked websites completely unreachable, no
The only way I found so far is to set an invalid ipv6 outgoing address:
tcp_outgoing_address fd20::1 proxy-extra
tcp_outgoing_address 172.16.4.244 proxy-extra
where fd20::1 simply does not exist on the host system.
This shows the results I want when browsing to test sites like
http://ipv6-test.com (ipv4 connectivity only).
But I am not sure if setting invalid addresses is really desirable...
So, is there a better / more elegant way to tell squid to use ipv4 only
when serving request for certain clients?
More information about the squid-users