On 19/06/11 16:14, benjamin fernandis wrote:
Hi Ragheb,
Thanks for your quick response.
======================================================
Take care banjo that for order for this to work all your client ips
must hit the cache directly and not reach the cache through a nat rule
otherwise your squid will see that all your web traffic is coming from
one single ip and thus it will shape all your inner lan traffic as one
ip and thus all your inner will be shaped to just 512kbps.
=========================================================
currently my squid 3.1 is running in transparent mode.and i used
iptables rules to transfer port 80 traffic to port 3128(squid
port).That is ok.
Is there any change required with my existing setup to achieve delay
pool facility.
Should not be.
I believe Ragheb's problem as described only occurs if your NAT is on
a different box to Squid. That precise problem being one of the several
reasons we say you MUST NOT have NAT on a separate box when doing
interception with Squid.
Same IP problem will occur if you have any other middleware (such as a
content filter) between Squid and the clients. In this case you need it
to send the X-Forwarded-For header and Squid to define trust of the
relay software with follow_x_forwarded_for access controls.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.12
Beta testers wanted for 3.2.0.8 and 3.1.12.2
