Be careful doing this as you will possibly break some websites. Youtube, for example, seems to use cookies based on source address. So, if you are doing NAT with load balancing Youtube videos may or may not come up, depending on if the requests exited the same ISP or not.
-Steve S. -----Original Message----- From: mashenko shenua <[email protected]> Sent: Saturday, January 16, 2010 1:07 PM To: mashenko shenua <[email protected]>; [email protected] <[email protected]> Subject: Re: Round-robin + Squid + 3 ISP Hi, Yes Squid it's running on same machine.. ¿Can you rewrite it? 2010/1/16 Stuart Henderson <[email protected]>: > On 2010/01/16 03:37, mashenko shenua wrote: >> I'm trying to setup a Multiwan OpenBSD firewall. I need to use Squid >> but I cannot setup with rdr and round-robin.. > >> pass in on $int_if route-to \ >> { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \ >> proto tcp from $lan_net to any port http > > Does squid run on the firewall itself? If so, this "pass in" rule > will not apply; squid makes its own connection from the firewall, > so the packet will be outbound (i.e. you would need a "pass out > ... route-to {($ext_if1 $ext_gw1) ($ext_if2 $ext_gw2)}" rule). > >
