What I need from squid is the ability to use thousands of ipv6 ip addresses in normal http mode. I am not concerned about https at this point. But the original question was how to increase the ip limit of squid past the 128 ip maximum on a Windows platform. The main purpose is to assign a specific set of ipv6 proxies to specific users. Best Regards, Jared Twyler On 5/16/2017 4:14 PM, Eliezer Croitoru wrote: > Hey, > (not sure what’s your first name) > > What do you actually need from squid, in words. > Do you need it as a caching proxy? > What functionality is the main business of squid in your scenario? > To give specific users ip addresses the option to use a specific outgoing address? > Do you need\want squid to enforce some policy else then the issue you are having? > If you only need to "load balance'" or decide which outgoing ip will be used for a specific user source IP then there are much more efficient ways to do that these days. > Also when you are talking about "big" number of users with big numbers of connections you need to be more specific about your upper limit. > If you want it to be more then 128 but less the 1024 I would say go with squid and compile it but... when you are talking about 1k+ I would recommend you to rethink your strategy. > If you don't care about SSL-BUMP for example then there are really simple ways to write a simple proxy which will do what you need, you just need the right programmer. > > All The Bests, > Eliezer > > * I am really not looking for a job to write a proxy.. but just think it's a kind suggestion to redirect into some other directions. > > ---- > Eliezer Croitoru > Linux System Administrator > Mobile: +972-5-28704261 > Email: eliezer@xxxxxxxxxxxx > > > > -----Original Message----- > From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of IAPS Security Services, Ltd. > Sent: Tuesday, May 16, 2017 10:21 PM > To: squid-users@xxxxxxxxxxxxxxxxxxxxx > Subject: Squid + IPv6 > > Greetings All, > > First time poster to the list, long time squid user. > > I have an issue I've come across and I'm greatful if the community can > suggest ideas here. I've recently deployed squid for Windows from > Diladele (http://squid.diladele.com/) and they said to bring my issue to > the mail list. > > Here goes: > > Squid requires each individual ip to be put on the network card instead > of being permitted to use a cidr annotation for dedicated ip's. There is > a 128 ip limit for squid by default. This limit can be removed for linux > machines by re-compiling and adjusting the limits. In the ipv6 > deployment that I'm trying to create, I need much more than 128 ip's. > > There are no instructions, at least none that I could find in a basic > google search, on how to increase this limit on a windows deployment. > With ipv6 ip's I'm setting up individual ipv6's per squid acl's so that > users have access to specific ipv6 proxies. Only issue I have is the 128 > ip limit imposed by default. Now when you have access to an ipv6 /29 > range 128 usable ip's is a drop in the bucket and I'd need the ability > to have squid to use thousands of ipv6 ip addresses on demand. The first > 128 work fine, but when adding the 129th, the entirety of squid > immediately stops working. The acl that I'm using looks like this: > > acl ip1 myip 2axx:xxxx:285::1 > tcp_outgoing_address 2axx:xxxx:285::1 ip1 > > acl ip2 myip 2axx:xxxx:285::2 > tcp_outgoing_address 2axxxx:xxxx:285::2 ip2 > > How can I compile squid for windows to get around the 128 ip limit imposed? >
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
