<div dir="ltr"><div>>
<span style="font-size:12.8px">1) It is only possible to set an IPv6 outgoing when the server being</span><br></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">> connected to is an IPv6 server address.</span></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">It doesn't matter for me, It is just a way to get a different outbound IPv6 address depending on which port the connection is made to, and both clients and servers has IPv6.</span></span></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">
<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">I saw a few threads here asking for more or less the same thing except that I'm specifying the full address instead of implicit addressing to the outbound, this is where I'm stuck.</span><br></span></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">>
<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">2) It is only possible for Squid to use an IP address which has been</span><br style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">> allocated/assigned to the NIC.</span>
</span></div><div><br></div><div><span style="font-size:12.8px">The NIC is a network card if I understood it right. The IPv6 /64 subnet is added to the main interface and the gateway is aswell, IPv6 is fully working on the server.</span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">
<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">> FYI: the lo device is hardware restricted to one machine. It is not</span><br style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">> globally routable.</span><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><span> </span></span><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><span> </span></span><br></span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">I really don't know what I should do then... My network knowledges is somewhat limited as you may have seen. I'd appreciate any help.</span></div></div><div class="gmail_extra"><br><div class="gmail_quote">2018-04-08 14:00 GMT+02:00 <span dir="ltr"><<a href="mailto:squid-users-request@lists.squid-cache.org" target="_blank">squid-users-request@lists.squid-cache.org</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Send squid-users mailing list submissions to<br>
<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.<wbr>org</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer" target="_blank">http://lists.squid-cache.org/<wbr>listinfo/squid-users</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:squid-users-request@lists.squid-cache.org">squid-users-request@lists.<wbr>squid-cache.org</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:squid-users-owner@lists.squid-cache.org">squid-users-owner@lists.squid-<wbr>cache.org</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of squid-users digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Fwd: Outbound IPv6/128 - Possible ? (kalice caprice)<br>
2. Re: Fwd: Outbound IPv6/128 - Possible ? (Amos Jeffries)<br>
<br>
<br>
------------------------------<wbr>------------------------------<wbr>----------<br>
<br>
Message: 1<br>
Date: Sun, 8 Apr 2018 11:04:33 +0200<br>
From: kalice caprice <<a href="mailto:kalicecaprice@gmail.com">kalicecaprice@gmail.com</a>><br>
To: <a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.<wbr>org</a><br>
Subject: [squid-users] Fwd: Outbound IPv6/128 - Possible ?<br>
Message-ID:<br>
<<a href="mailto:CAAvX7kNoGVb4Bp8zGchAe4xCumQhWDs92D-aXxurBVMxB43qgw@mail.gmail.com">CAAvX7kNoGVb4Bp8zGchAe4xCumQh<wbr>WDs92D-aXxurBVMxB43qgw@mail.<wbr>gmail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Hello,<br>
<br>
I'm trying to bound mutiples IPv4:Port entry to a different outbound IPv6<br>
this way:<br>
<br>
http_port 94.xxx.xxx.204:10001 name=1<br>
acl ip1 myportname 1<br>
tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:<wbr>eb7c:8336 ip1<br>
<br>
http_port 94.xxx.xxx.204:10002 name=2<br>
acl ip2 myportname 2<br>
tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:<wbr>096f:b369 ip2<br>
<br>
http_port 94.xxx.xxx.204:10003 name=3<br>
acl ip3 myportname 3<br>
tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:<wbr>5fe0:eba8 ip3<br>
<br>
etc.<br>
<br>
I was not able to get it working, the cache.log is giving me (99) cannot<br>
assign requested address and fallback to the IPv4 address as an outbound<br>
address.<br>
<br>
I added the full IPv6 block inside the route -6 just in case, like this:<br>
ip -6 route add to local 2a01:xxxx:xxxx:xxxx::/64 dev lo<br>
<br>
Squid Cache: Version 3.5.23<br>
<br>
I coudn't find anyone having the same problem while searching around so I'm<br>
stuck and looking to know if it's possible or not to do it this way, if yes<br>
what am I missing ? And if not, is there a way to randomize the end part of<br>
the last 3 blocks of a /64 and if yes how ?<br>
<br>
Thanks!<br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://lists.squid-cache.org/pipermail/squid-users/attachments/20180408/3ea91246/attachment-0001.html" rel="noreferrer" target="_blank">http://lists.squid-cache.org/<wbr>pipermail/squid-users/<wbr>attachments/20180408/3ea91246/<wbr>attachment-0001.html</a>><br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Sun, 8 Apr 2018 22:14:21 +1200<br>
From: Amos Jeffries <<a href="mailto:squid3@treenet.co.nz">squid3@treenet.co.nz</a>><br>
To: <a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.<wbr>org</a><br>
Subject: Re: [squid-users] Fwd: Outbound IPv6/128 - Possible ?<br>
Message-ID: <<a href="mailto:d1dfe39b-84c6-70ef-cb5d-8e6062a48826@treenet.co.nz">d1dfe39b-84c6-70ef-cb5d-<wbr>8e6062a48826@treenet.co.nz</a>><br>
Content-Type: text/plain; charset=utf-8<br>
<br>
On 08/04/18 21:04, kalice caprice wrote:<br>
> Hello,<br>
><br>
> I'm trying to bound mutiples IPv4:Port entry to a different outbound<br>
> IPv6 this way:<br>
<br>
HTTP does not work that way. It is a stateless and multiplexing<br>
protocol. Inbound and outbound connections are independent of each other.<br>
<br>
><br>
> http_port 94.xxx.xxx.204:10001 name=1<br>
> acl ip1 myportname 1<br>
> tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:<wbr>eb7c:8336 ip1<br>
><br>
> http_port 94.xxx.xxx.204:10002 name=2<br>
> acl ip2 myportname 2<br>
> tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:<wbr>096f:b369 ip2<br>
><br>
> http_port 94.xxx.xxx.204:10003 name=3<br>
> acl ip3 myportname 3<br>
> tcp_outgoing_address 2a01:xxxx:xxxx:xxxx:xxxx:xxxx:<wbr>5fe0:eba8 ip3<br>
><br>
> etc.<br>
><br>
> I was not able to get it working, the cache.log is giving me (99) cannot<br>
> assign requested address and fallback to the IPv4 address as an outbound<br>
> address.<br>
<br>
1) It is only possible to set an IPv6 outgoing when the server being<br>
connected to is an IPv6 server address.<br>
<br>
2) It is only possible for Squid to use an IP address which has been<br>
allocated/assigned to the NIC.<br>
<br>
<br>
><br>
> I added the full IPv6 block inside the route -6 just in case, like this:<br>
> ip -6 route add to local 2a01:xxxx:xxxx:xxxx::/64 dev lo<br>
<br>
FYI: the lo device is hardware restricted to one machine. It is not<br>
globally routable.<br>
<br>
<br>
><br>
> Squid Cache: Version 3.5.23<br>
><br>
> I coudn't find anyone having the same problem while searching around so<br>
> I'm stuck and looking to know if it's possible or not to do it this way,<br>
> if yes what am I missing ? And if not, is there a way to randomize the<br>
> end part of the last 3 blocks of a /64 and if yes how ?<br>
<br>
That is a feature of your system networking stack. Has nothing to do<br>
with Squid. Lookup "Privacy Addressing" in IPv6.<br>
<br>
Amos<br>
<br>
<br>
------------------------------<br>
<br>
Subject: Digest Footer<br>
<br>
______________________________<wbr>_________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.<wbr>org</a><br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer" target="_blank">http://lists.squid-cache.org/<wbr>listinfo/squid-users</a><br>
<br>
<br>
------------------------------<br>
<br>
End of squid-users Digest, Vol 44, Issue 8<br>
******************************<wbr>************<br>
</blockquote></div><br></div>