On 30/04/2012 23:44, Kirk Hoganson wrote:
I would like to configure our squid proxy (Version 3.0.STABLE19 on Linux
Ubuntu 10.04) to use a pool of addresses for outgoing connections. I
setup squid as a transparent proxy using "http_port 3128 transparent" in
the squid.conf, and then I setup an iptables to provide source nat
address rotation for the multiple interfaces the proxy has available.
The connections failed when attempting to source nat on the proxy. Would
this work if I were able to use tproxy instead of transparent on the
proxy server? Or is there another solution within squid that would allow
it to rotate through all available interfaces?
Thanks,
Kirk
if you just need couple of outgoing addresses and not the clients IP
address intercept is fine.(not tproxy)
this kind of LB should be done using the os routing system.
a pool of addresses can be tricky because it can be done using 2 or 200
IP addresses.
i have written some good sample for "multihoming" option that is like
this and just needed to be tweaked a bit.
have a look at:
http://www.squid-cache.org/mail-archive/squid-dev/201204/0019.html
i do remember that something could have been done using iptables also
but it dont remember how it should be done.
what did you tried to do on iptables?
i also found this nice iptables method sample:
http://www.pmoghadam.com/homepage/HTML/Round-robin-load-balancing-NAT.html
Regards,
Eliezer
--
Eliezer Croitoru
https://www1.ngtech.co.il
IT consulting for Nonprofit organizations
eliezer <at> ngtech.co.il
