On 15/04/2015 10:21 p.m., naishal0748 wrote: > Hello, > > I received following reply from Amos. > > --------------- > > Welcome to the world of application layer gateways. > > There is no guarantee that IPv4 is being used outbound. You may in fact > be using IPv6 to contact servers. > All that means is that you need to set a WAN1 IPv6 address in a second > tcp_outgoing_address line for the IPv6. > > > Also be aware the selection of NIC is entirely up to the kernel routing > logics. Older Linux were well-known for their annoying ability to accept > or send from any NIC using any IP assigned to the machine, depending on > whether you had some voodoo setup in the routing config or not. CentOS > uses ancient enough kernels that it probably does not have the bug fixes > for that. > > So, double check that Squid is actually sending from 192.168.3.15 like > you expect. If not we can help you a little further to figure out why > and see if that fixes things for you. > > > One other effect I've seen in action is that NAT on outbound can take > Squids tcp_outgoing_address and change it so the packets go out the > wrong NIC with different IP entirely. > > > Otherwise its a kernel routing problem, and we probably cant help with that. > > ------------------------------- > > I am actually checking using traceroute from client system , and it is > always showing me 192.168.5.1 default Gateway IP. > >From the client system you will only ever see the IPs on the client->Squid connection. Not the details of the Squid->origin connection. Squid has zero control over what TCP connections the *client* opens. You need to use tcpdump on the Squid machine, or machine(s) at the other end of the WAN1/2 connections to see what the Squid->origin traffic uses. > If it is getting difficult with squid configurations, please let me know if > it is possible to implement this setup using iptables, so that iptables > directly routes the traffic from specific source towards specific Gateway / > NIC. Routing is configured with the "ip route" tool, not the iptables (NAT and firewall tool). To see what your current routing does, run: ip -4 route show ip -6 route show > > Anyhow, basically I want the specific source traffic to go via specific > Gateway. Understood. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
