On Nov 22, 2007 8:33 AM, Ming-Ching Tiew <mingching.tiew@xxxxxxxxxxx> wrote: > From: "Siju George" <sgeorge.ml@xxxxxxxxx> > > > > > > But not something I would recommend. Many sites dislikes clients coming > > > from more than one IP during the same session. The client IP is often > > > embedded in session cookies etc, making the session fail if the IP > > > changes. > > > > > > > Yes Henrik. > > Such sites are identified and there is af firewall rule added to PF in > > OpenBSD to route them through the same interface.. But it is not a > > problem with majority of the sites. > > > > Perhaps it will be interesting for squid to have an acl called random :- > > ( is there one already ? ) > > eg > > acl rnd random 50 # 50 % > > tcp_outgoing_address x.x.x.x rnd <--- use x 50 % of time > tcp_outgoing_address y.y.y.y rnd <---- use y 50% of time > tcp_outgoing_address z.z.z.z <--- have to provide a > default in case nothing is matched > > And the random acl can be used together with other acl too ! > > eg > acl link1 dst ..... > tcp_outgoing_address x.x.x.x link1 rnd > > :-) > If you use the http://www.openbsd.org/faq/pf/pools.html#outgoing method as I use now then even through the outgoing address will be changed for 50% of the packets those same packets will be routed out through the default interface only :-( Thankyou so much kind Regards Siju
