> If you use the
>
> http://www.openbsd.org/faq/pf/pools.html#outgoing
>
> method as I use now then even through the outgoing address will be
> changed for 50% of the packets those same packets will be routed out
> through the default interface only :-(
First of all I don't know anything about OpenBSD but we have to
know, making squid use a particular tcp_outgoing_address is as much
as what we can ask squid to do, actual routing decision should
rightfully be left to the OPERATING SYSTEM. In Linux, all these
things are addressed :-
1. You can use POLICY ROUTING - one of the capabilities of policy
routing is be able to route based on SOURCE IP instead of destination
IP.
2. You can use MULTI PATH ROUTING - ie you can start a session
based on certain relative weight you assign to a default route.
3. You can also use netfilter 'recent'/CONNMARK match - they allow
you to tie a session to an interface for a configurable amount of
time.
I might not be even exhaustive here.
All in all, my conclusion is this :- You really have to look hard to
the operating system for this instead of squid. If you have exhausted
the capabilities of OpenBSD, you would have to throw it away !
:-)
Received on Thu Nov 22 2007 - 18:42:16 MST
This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST