On Wed, 23 Feb 2011 18:06:18 +0530, Senthilkumar wrote:
Thank you. When we use tcp_outgoing address and select isp . The all traffic seems to be going through the default gateway Ethernet of the squid machine and only reply comes through the tcp out going address assigned Ethernet. Eg isp1- eth1(default gateway) isp2-eth2, client- eth0 In squid.conf acl isp1 src172.16.1.48 acl isp2 src 172.16.1.56 . tcp_outgoing address < ip of isp1 > isp1 tcp_outgoing address < ip of isp2 > isp2 When we browse from client 172.16.1.56 and tcpdump eth1 we can see connections are established through eth1 which is supposed to be through eth2. But we can see reply comes through the eth2 and also whatismyip.com shows ip of isp2. This shows that default gateway isp1 is used for making all requests so that it is overloaded and the isp2 is used only for receiving requests.
What Squid is doing is setting the "from"/source IP on the packets. There is only one channel between squid and the operating system. It is entirely up to the system routing where those packets go. It sounds to me like your magic routing setup is not working or not looking at the source IP of packets coming out of the Squid machine (OUTPUT firewall chain in iptables if that is any help).
Amos
