pf  

Re: Round-robin + Squid + 3 ISP

Kahlil Erwin S. Talledo
Sun, 17 Jan 2010 01:13:26 -0800

I just use freebsd on the squid VM since squid performs better/faster on 
freebsd.


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
k a h l i l   e r w i n   t a l l e d o

tp: +1.284.440.0102
im: talledo...@yahoo.com
fb: www.facebook.com/kstalledo

"little knowledge that acts is worth infinitely more than
much knowledge that is idle."  - k. gibran








On Jan 16, 2010, at 3:12 PM, mashenko shenua wrote:

> I think this can be work.. I don't understand why two OS.
> 
> 2010/1/16 Kahlil Erwin S. Talledo <kstall...@binarysalad.com>:
>> Hello,
>> 
>> I have tried doing this several time before and have spent quite a 
>> significant time trying to accomplish what you are doing but in the long 
>> run, running squid and have it loadbalanced through two wan connections in a 
>> single machine is just too complicated or not possible as of the moment. 
>> What I ended up doing is virtualize two machines in one box. Installing 
>> openbsd on one VM to do the wan loadbalancing and another VM for squid (i 
>> used freebsd on the squid VM) and just did internal networking to connect 
>> both. this would introduce more latency though and i/o speed may be 
>> hampered. you can also separate both services (squid, loadbalancing) on 
>> different physical machines.
>> 
>> Cheers,
>> 
>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> k a h l i l   e r w i n   t a l l e d o
>> 
>> tp: +1.284.440.0102
>> im: talledo...@yahoo.com
>> fb: www.facebook.com/kstalledo
>> 
>> "little knowledge that acts is worth infinitely more than
>> much knowledge that is idle."  - k. gibran
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> On Jan 16, 2010, at 9:36 AM, mashenko shenua wrote:
>> 
>>> Hi,
>>> 
>>> Yes Squid it's running on same machine.. ¿Can you rewrite it?
>>> 
>>> 2010/1/16 Stuart Henderson <s...@spacehopper.org>:
>>>> On 2010/01/16 03:37, mashenko shenua wrote:
>>>>> I'm trying to setup a Multiwan OpenBSD firewall. I need to use Squid
>>>>> but I cannot setup with rdr and round-robin..
>>>> 
>>>>> pass in on $int_if route-to \
>>>>> { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) }  round-robin \
>>>>> proto tcp from $lan_net to any port http
>>>> 
>>>> Does squid run on the firewall itself? If so, this "pass in" rule
>>>> will not apply; squid makes its own connection from the firewall,
>>>> so the packet will be outbound (i.e. you would need a "pass out
>>>> ... route-to {($ext_if1 $ext_gw1) ($ext_if2 $ext_gw2)}" rule).
>>>> 
>>>> 
>> 
>>

Attachment: smime.p7s
Description: S/MIME cryptographic signature