Squid with Multi Gatway

smjd7 · 03-29-2013, 01:37 AM

Hi guys

i hv configure squid 2.6 on centos 5.5
squid box hv 3 NIC
eth0= ISP1
eth1= ISP2
eth2= LAN

ISP 1
IP 192.168.0.10
GW 192.168.0.1

ISP2
IP 172.16.0.10
GW 172.16.0.1

LAN
IP 10.0.0.1
10.0.0.2
10.0.0.3
10.0.0.4

we want client 10.0.0.2 to reach internet through 192.168.0.10 interface and
10.0.0.3 go through 172.16.0.10.

our routing table :
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
172.16.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth1
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0

we have only one default gateway which is 192.168.0.1 through which all of our outoing
traffic goes to , now we need to add another gateway to the system , but without affecting the default
one.
In the following steps we will create new routing table for our second link on 172.16.0.10 and route
traffic originating from this ip through 172.16.0.1

echo “1 isp2” >> /etc/iproute2/rt_tables
ip route add 172.16.0.0/24 dev eth1 src 172.16.0.10 table isp2
ip route add default via 172.16.0.1 dev eth1 table isp2
ip rule add from 172.16.0.10/24 table isp2
ip rule add to 172.16.0.10/24 table isp2

Now we are doing with IP routing stuff , to test that your routing table is working probably try doing
traceroute using each interface at a time :
#traceroute *i eth0 8.8.8.8
1 192.168.0.1 (192.168.0.1) 0.356 ms 0.486 ms 0.513 ms
2 xxx.xx.xxx.x (xxx.xx.xxx.x) 1.813 ms 2.365 ms 2.356 ms
3 84*235*111*9.igw.com.sa (84.235.111.9) 26.949 ms 26.948 ms 27.184 ms
#traceroute *i eth1 8.8.8.8
1 172.16.0.1 (172.16.0.1) 1.046 ms 1.207 ms 1.898 ms
2 10.0.1.1 (10.0.1.1) 5.602 ms 5.605 ms 5.743 ms
3 79.133.88.13 (79.133.88.13) 104.516 ms 104.555 ms 104.850 ms

let's do with squid.conf

Squid Part :
Now we have three clients using our squid server , we want to map them to different outoing ip
addresses :
10.0.0.2 => 192.168.0.2
10.0.0.3 => 172.16.0.2
10.0.0.4 => 172.16.0.2
As you see , requests from 10.0.0.2 must go through 192.168.0.2 and others go through 172.16.0.2.
In squid.conf add :

acl wan1_clinets src 10.0.0.2
acl wan2_clients src 10.0.0.3
acl wan2_clients src 10.0.0.4

tcp_outgoing_address 192.168.0.2 wan1_clients
tcp_outgoing_address 172.16.0.2 wan2_clients

-------------------------------------------------------
but problem is traffic go to default gatway, kindly correct me where is wrong.

hamlindsza · 03-30-2013, 09:06 AM

Squid is a HTTP Proxy, traffic from tracert would not go via squid.

Once youve configured the proxy on 10.0.0.2 got whatismyip.com and check if its routed out via the correct ISP

smjd7 · 04-04-2013, 07:29 AM

Dear hamlindsza

whatismyip.com show default gateway's ISP IP, and routed through default gateways ip