LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 10-19-2006, 06:56 AM   #1
shahidbashir7861
LQ Newbie
 
Registered: May 2006
Posts: 14

Rep: Reputation: 0
multiple squid proxies routing on different internet connections


hello guys,

i am working to install two squid proxies on one same machine . ( that would not be difficult part i think ) . i have two different internet connections . and i want that if i install two proxies (say squid1 and squid2) the requests to internet from squid1 must be routed throug interface1 and request from squid2 routed through interface2. I have slight idea of working on iptables and routing commands but not able to implement the above scenario . please send me your suggestions in this regard.

regards
 
Old 10-19-2006, 07:39 AM   #2
bonowax
Member
 
Registered: Jul 2006
Location: Suburbs of Lisbon, Portugal
Distribution: Slackware, FreeBSD
Posts: 61

Rep: Reputation: 16
Hi there;

To be honest, I really don't know whether it is possible to run two instances of squid on the same host, but if it is, I don't think you'll achieve any load balancing with that - I'm assuming you want load balancing here...

I never tried it before but if I had two connections to the Internet I'd use two different squid servers. They'd share a common DNS name and the name-to-ip conversion would return different ip addresses in a round-robin fashion, and thus effectively routing network requests for proxy-able protocols to both servers...

But, like I said, never did it... If you make it work don't forget to tell me about it...

Cheers
 
Old 10-19-2006, 08:59 AM   #3
shahidbashir7861
LQ Newbie
 
Registered: May 2006
Posts: 14

Original Poster
Rep: Reputation: 0
bonowax thanks for your attention

i have got the idea what you are saying for load balancint and using dns with round robin address rosolution . well thanks for this .

infact i am trying to find a way in which we can tell an application ( or force it using iptables ) to use a specific interface as its gateway . as squid would send its request to the default gateway of the machine but i want to change it .

any thanks for your reply

but still game is on
 
Old 10-19-2006, 10:12 AM   #4
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Shahid,

You can certainly forward all the packets from interface 2 over to a different box & host another squid over it. And an existing present squid will serve from this box & interface 1 in a normal fashion.

Try implementing this
& tell me what are problems are you getting in it, someone including myself will definately help you out. Though i assure you that this setup will definately work.
 
Old 10-20-2006, 05:08 AM   #5
shahidbashir7861
LQ Newbie
 
Registered: May 2006
Posts: 14

Original Poster
Rep: Reputation: 0
thanks amit ,

is it possible to tell squid to send its internet requests from a specific interface ,

or

can we tell squid to run on specific and use iptables to SNAT on the basis of these ports and so it will be made to route on specific interface . in short can we have a source port based routing table.
 
Old 11-03-2006, 12:00 PM   #6
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by shahidbashir7861
.. in short can we have a source port based routing table.
Yes you can have source port based routing table using 'policy routing' but then in your present situation how exactly are you going to get a source port (in respect of source port based routing table) for your squid outgoing requests ? (I mean they are the locally generated requests)

Source port based routing :
In a normal scenario; we usually mark packets with iptables (on source port or any other field)& then with ip rule & ip route we can re-route it to go via another interface(other than default one).

p.s: sorry for the delayed reply.
 
Old 11-05-2006, 01:37 PM   #7
shahidbashir7861
LQ Newbie
 
Registered: May 2006
Posts: 14

Original Poster
Rep: Reputation: 0
thanks for reply

dear ashmit thanks for your reply

infact someone suggested me to use

tcp_outgoing_address option in squid but that is also not working for me


yes you are right how we will assign source port for squid in this scenarion .....


i am looking on it stilll , hope we find ssomething


again thanks for being there

regards
shahid bashir
 
Old 11-06-2006, 08:04 AM   #8
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by shahidbashir7861
tcp_outgoing_address option in squid but that is also not working for me
Yes it should work; How did you set it up btw?

@ Your setup : So you must be having two adsl/broadband connections & both of them are terminated at a single box & instead of doing a load balancing with them; you want both of them to serve two different client-sets sepearately.
RIGHT ???

@ two proxy setup : Yes you can do that; untill & unless they are maintaing two different heirarchy for their respective files; it shouldnt be any problem. Though with tcp_outgoing_address option.. you really do not need two different squid installations at a single box. A single squid with
tcp_outgoing_address interface1-ip CLIENT-SET1
tcp_outgoing_address interface2-ip CLIENT-SET2

However the problem you'll face here is that you cant have two default gateways over @ your box & hence the traffic to interface(without-gateway)*-ip would not go out because of the lack of a gateway-ip at it.

Hey... shahid.. with the help of MARKING packets on base of client-sets; & SNATing (iptables) we can achieve what you are looking for. (this doesnt require squid in b/w)

For one client-set we'll do a SNATing (pass onto default gateway)
For other client-set we'll set marks & then with iprule & ip route we'll pass on them to other gateway.

Thats it !!!
 
Old 11-12-2006, 01:47 PM   #9
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Shahid i have found one more solution for you;
With squid; setup two client-set to leave your box with two different interfaces
e.g.
Code:
tcp_outgoing_address if1-add client-set1
tcp_outgoing_address if2-add client-set2
& then

create ip rule to do src-address based routing & forward this to a table1
again the same way; do src-address based routing for if2-add & then forward this to table2

& finally you got lay out the routes in both of those two tables
Code:
ip rou add via if1-GW table1
ip rou add via if2-GW table2
Thts it !!!
 
Old 03-28-2013, 02:12 AM   #10
smjd7
LQ Newbie
 
Registered: Mar 2013
Posts: 3

Rep: Reputation: Disabled
squid with two gateway

Hi amitsharma

i hv configure squid 2.6 on centos 5.5
squid box hv 3 NIC
eth0= ISP1
eth1= ISP2
eth2= LAN

i follow following sanrio


In the following scenario I will assume you have two links from two ISP assigned to the same linux box
on eth0 & eth1 :
WAN1
WAN2
IP 192.168.0.10
GW 192.168.0.1
IP 172.16.0.10
GW 172.16.0.1
eth0
eth1
eth2
IP 10.0.0.1
10.0.0.2
10.0.0.3
10.0.0.4
In our scenario , we want client 10.0.0.2 to reach internet through 192.168.0.10 interface and
10.0.0.3 go through 172.16.0.10.

_________________________________________________________________________________________
First let's take a look at our routing table :
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
172.16.0.0
0.0.0.0 255.255.255.0 U 1
0
0 eth1
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
Note that we have only one default gateway which is 192.168.0.1 through which all of our outoing
traffic goes to , now we need to add another gateway to the system , but without affecting the default
one.
In the following steps we will create new routing table for our second link on 172.16.0.10 and route
traffic originating from this ip through 172.16.0.1
echo 1 isp2 >> /etc/iproute2/rt_tables
ip route add 172.16.0.0/24 dev eth1 src 172.16.0.10 table isp2
ip route add default via 172.16.0.1 dev eth1 table isp2
ip rule add from 172.16.0.10/24 table isp2
ip rule add to 172.16.0.10/24 table isp2

Now we are doing with IP routing stuff , to test that your routing table is working probably try doing
traceroute using each interface at a time :
#traceroute *i eth0 8.8.8.8
1 192.168.0.1 (192.168.0.1) 0.356 ms 0.486 ms 0.513 ms
2 xxx.xx.xxx.x (xxx.xx.xxx.x) 1.813 ms 2.365 ms 2.356 ms
3 84*235*111*9.igw.com.sa (84.235.111.9) 26.949 ms 26.948 ms 27.184 ms
#traceroute *i eth1 8.8.8.8
1 172.16.0.1 (172.16.0.1) 1.046 ms 1.207 ms 1.898 ms
2 10.0.1.1 (10.0.1.1) 5.602 ms 5.605 ms 5.743 ms
3 79.133.88.13 (79.133.88.13) 104.516 ms 104.555 ms 104.850 ms

Now we are done with routing , let's me to squid.conf

_________________________________________________________________________________________
Squid Part :
Now we have three clients using our squid server , we want to map them to different outoing ip
addresses :
10.0.0.2 => 192.168.0.2
10.0.0.3 => 172.16.0.2
10.0.0.4 => 172.16.0.2
As you see , requests from 10.0.0.2 must go through 192.168.0.2 and others go through 172.16.0.2.
In squid.conf add :

acl wan1_clinets src 10.0.0.2
acl wan2_clients src 10.0.0.3
acl wan2_clients src 10.0.0.4

tcp_outgoing_address 192.168.0.2 wan1_clients
tcp_outgoing_address 172.16.0.2 wan2_clients

-------------------------------------------------------
but traffic go to default gatway, kindly correct me
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Multiple internet connections kojie Linux - Networking 2 12-08-2004 03:19 PM
Multiple Connections... Routing issue? Suse 9.1 exabrial Linux - Networking 0 07-15-2004 05:10 PM
Policy routing for multiple ppp connections paulos Linux - Networking 1 06-20-2004 02:02 AM
Routing issue with multiple ppp connections eejut Linux - Networking 5 12-02-2003 09:09 PM
Help! Two internet connections routing + port forwarding? lakoff Linux - Networking 2 09-29-2003 06:27 AM


All times are GMT -5. The time now is 06:38 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration