> -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > mashenko shenua > Sent: Monday, January 18, 2010 12:42 PM > To: [email protected] > Subject: Re: Round-robin + Squid + 3 ISP > > ok, > > What its the nice solution : > > 1=BA. Using tcp_outgoning_address with Aclrandom or similar > 2=BA. Not using Two wans,(If I can route WWW, HTTPS, Trought wan2 its > fine for me). I want to route then FTP trought wan3, and Jabber/MSN.. > trought WAN1 =BFAny example code with my config? > 3=BA. Not using Squid
A nice solution for what? If you want to use Squid, then there is no "nice solution" on OBSD...yet. If you want to use two WANs w/o squid then just try sticky-addresses to ensure the client uses the same outbound NAT'd address. Please let me know if this works as the last time I tried sticky-addresses (3.8ish days) I had problems with it. You will still need to detect when a WAN link goes down as PF does not do this. I use ifstated for this and have posted several times to this list (or misc) on how I do this, just search for my name at marc.info. I have found it more reliable to do (2) above, where user traffic (HTTP[S]/FTP) uses a higher capacity link via Squid, inbound services (VPN, web) use a moderate capacity link, on which I keep bursty user traffic to a minimum and most other outbound is load balanced. I also find altq handy. Then again, I have another set-up where I dedicate a set of users to one link and another set of users to another link. Again, ifstate with anchors manages the failover & failback. -Steve S.
