[squid-users] Can I force certain destinations to ipv4?
Alex Rousskov
rousskov at measurement-factory.com
Thu Nov 21 21:35:11 UTC 2024
On 2024-11-21 08:44, Ralf Hildebrandt wrote:
> Can I force certain destinations to be reached using ipv4 only?
Not reliably. IMHO, it is a missing feature (or two).
Various tricks exist, but none of them work well in general, for various
reasons. See other responses on this thread for some specific tricks.
> I found this:
> https://superuser.com/questions/994728/force-squid-to-connect-to-sites-over-ipv4-rather-than-ipv6
>
> and implemented:
>
> acl apiendpoint dstdomain api.endpoint.example
> tcp_outgoing_address 193.175.73.216 apiendpoint
>
> 193.175.73.216 being the IP of my squid's extern a interface.
> But alas, It doesn't work. Sometimes an ipv4, sometimes an ipv6
> address is being used...
The advice you found and followed is not compatible with how modern
Squid works: When Squid is about to open a connection to an IPv6 peer,
Squid ignores all tcp_outgoing_address rules that use IPv4 addresses. In
other words, tcp_outgoing_address rules select an outgoing address
_within_ the already determined address family.
HTH,
Alex.
> Using:
> ======
>
> # squid --version
> Squid Cache: Version 6.12-VCS
>
> more precisely:
> squid-6.12-20241031-r3b53538eae
>
More information about the squid-users
mailing list