On Mon, 2002-11-25 at 05:08, Arindam Haldar wrote:> hi all,
hi,
>
> We are using squid 25s1 with kernel 2.4.19 and iproute2(+julian''s
> Pathes) with the following acl..
>
> acl short_path dst 128.0.0.0/8
> tcp_outgoing_address myIp2nd short_path
>
> we are linked to 2 isp--one having satelite & the other OFC. We want
the
> above mentioned network to go thru OFC(ispB) as the sibling resides
> there. But when i use squidclient mgr:server_list command i see that rtt
> is still 650ms which is the time taken by satelite provider(ispA). The
> OFC takes 230ms.
>
ip rule add prio 50 to 128.0.0.0/8 lookup ispB
should do the trick.
> My Question is--
> what can be done so that squid uses path according to the interface
> defined ?
I''m not sure to understand your question. But if you want all packets
sent by squid to use a specific gateway, you need to mark them, and
route them according to this.
Eg,
iptables -t mangle -A OUTPUT -m owner --uid-owner squid_uid -j MARK
--set-mark 1
Then,
ip rule add prio 50 fwmark 1 lookup ispX
> how can local generated packets(on the linux box) uses a path as wanted
> by us(in the rules) ?
>
Same answer, mark them.
iptables -t mangle -A OUTPUT -j MARK --set-mark 2
Then, instruct the kernel to route marked packets through a specific ISP
ip rule add prio 50 fwmark 2 lookup ispX
> Awaiting a reply/suggestion/experience from you very anxiously..
Hope this helps.
Cheers,
Vincent.
>
> A.H
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
--
Vincent Jaussaud
Kelkoo.com Security Manager
email: tatooin@kelkoo.com
"The UNIX philosophy is to design small tools that do one thing, and do
it well."
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/