On Thursday, June 02, 2011 01:03:06 AM Amos Jeffries wrote: > On 02/06/11 19:41, errno wrote: > > Just to confirm: > > > > If I have multiple ip aliases assigned to the same physical nic, will > > there still be port conflicts on an ip (aliased) based multi-instanced > > squid server? > > There is rarely a need for the combo of IP aliasing + Squid. > You know, maybe this just now actually clicked in my brain... So, let's say that we did have a few different aliased IPs (on different subnets): For example: eth0 -> 192.196.0.2 eth0:1 -> 192.196.1.2 eth0:2 -> 192.196.2.2 eth0:3 -> 192.168.3.2 Rather than setting up, say, 4 separate instances of squid - one per subnet - I'm thinking why not just set up 1 single instance (say, on 192.196.0.2), then just use iptables to redirect any traffic hitting the other IPs (192.196.1.2 through 192.168.3.2) to the 192.196.0.2? Then the single squid.conf would be configured (somehow) to use the appropriate tcp_outgoing_address(?), or something? Something like: incoming request to 192.196.2.2:80 -> iptables passes it to 192.196.0.2:80 -> squid receives request on 192.196.0.2, but dispatches back out 192.196.2.2 ??? Something along those lines? Or can I achieve the same effect w/o iptables - by just supplying multiple ip:ports to http_port ? The primary concern is that if a request to squid comes in on one particular address, that squid will ensure that this request leaves squid with the same tcp_outgoing_address - which is why we were (naively?) using multiple separate instances... each instance had: include /etc/squid/squid_common.conf access_log /var/log/squid/access_192.168.0.2.log squid auth_param basic program /usr/libexec/squid/ncsa_auth /etc/squid/passwd http_port 192.168.0.2:8002 tcp_outgoing_address 192.168.0.2 pid_filename /var/run/squid_192.168.0.2.pid visible_hostname 192.168.0.2 Thanks for helping to clear my confusion and possible derive a much simpler and easier to maintain squid service; and huge thanks to Amos for the incredible amount of time and assistance he offers on this list!
