Hello, I have tried doing this several time before and have spent quite a significant time trying to accomplish what you are doing but in the long run, running squid and have it loadbalanced through two wan connections in a single machine is just too complicated or not possible as of the moment. What I ended up doing is virtualize two machines in one box. Installing openbsd on one VM to do the wan loadbalancing and another VM for squid (i used freebsd on the squid VM) and just did internal networking to connect both. this would introduce more latency though and i/o speed may be hampered. you can also separate both services (squid, loadbalancing) on different physical machines.
Cheers, - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - k a h l i l e r w i n t a l l e d o tp: +1.284.440.0102 im: [email protected] fb: www.facebook.com/kstalledo "little knowledge that acts is worth infinitely more than much knowledge that is idle." - k. gibran On Jan 16, 2010, at 9:36 AM, mashenko shenua wrote: > Hi, > > Yes Squid it's running on same machine.. ¿Can you rewrite it? > > 2010/1/16 Stuart Henderson <[email protected]>: >> On 2010/01/16 03:37, mashenko shenua wrote: >>> I'm trying to setup a Multiwan OpenBSD firewall. I need to use Squid >>> but I cannot setup with rdr and round-robin.. >> >>> pass in on $int_if route-to \ >>> { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \ >>> proto tcp from $lan_net to any port http >> >> Does squid run on the firewall itself? If so, this "pass in" rule >> will not apply; squid makes its own connection from the firewall, >> so the packet will be outbound (i.e. you would need a "pass out >> ... route-to {($ext_if1 $ext_gw1) ($ext_if2 $ext_gw2)}" rule). >> >>
smime.p7s
Description: S/MIME cryptographic signature
