squid-cache.org

Optimising Web Delivery

• Docs
• Download
• Donate
• Support
• About
• Contact
• Shop
• Blog

Squid configuration directive tcp_outgoing_address

Available in: 3.3   3.2   3.1   2.7   3.HEAD   2.HEAD   3.0   2.6  

History:

Changes in 3.2 tcp_outgoing_address

This parameter is now compatible with persistent server connections. The IPv6 magic 'to_ipv6' hacks needed in 3.1 are now no longer necessary.

Changes in 3.1 tcp_outgoing_address

This option causes some problems when bridging IPv4 and IPv6. A workaround has been provided.

        Squid is built with a capability of bridging the IPv4 and IPv6 internets.
        tcp_outgoing_address as previously used breaks this bridging by forcing
        all outbound traffic through a certain IPv4 which may be on the wrong
        side of the IPv4/IPv6 boundary.

        To operate with tcp_outgoing_address and keep the bridging benefits
        an additional ACL needs to be used which ensures the IPv6-bound traffic
        is never forced or permitted out the IPv4 interface.

        acl to_ipv6 dst ipv6
        http_access allow to_ipv6 !all

        tcp_outgoing_address 2002::c001 good_service_net to_ipv6
        tcp_outgoing_address 10.0.0.2 good_service_net !to_ipv6

        tcp_outgoing_address 2002::beef normal_service_net to_ipv6
        tcp_outgoing_address 10.0.0.1 normal_service_net !to_ipv6

        tcp_outgoing_address 2002::1 to_ipv6
        tcp_outgoing_address 10.0.0.3 !to_ipv6
        

Configuration Details:

	Allows you to map requests to different outgoing IP addresses
	based on the username or source address of the user making
	the request.

	tcp_outgoing_address ipaddr [[!]aclname] ...

	For example;
		Forwarding clients with dedicated IPs for certain subnets.

	  acl normal_service_net src 10.0.0.0/24
	  acl good_service_net src 10.0.2.0/24

	  tcp_outgoing_address 2001:db8::c001 good_service_net
	  tcp_outgoing_address 10.1.0.2 good_service_net

	  tcp_outgoing_address 2001:db8::beef normal_service_net
	  tcp_outgoing_address 10.1.0.1 normal_service_net

	  tcp_outgoing_address 2001:db8::1
	  tcp_outgoing_address 10.1.0.3

	Processing proceeds in the order specified, and stops at first fully
	matching line.

	Squid will add an implicit IP version test to each line.
	Requests going to IPv4 websites will use the outgoing 10.1.0.* addresses.
	Requests going to IPv6 websites will use the outgoing 2001:db8:* addresses.


	NOTE: The use of this directive using client dependent ACLs is
	incompatible with the use of server side persistent connections. To
	ensure correct results it is best to set server_persistent_connections
	to off when using this directive in such configurations.

	NOTE: The use of this directive to set a local IP on outgoing TCP links
	is incompatible with using TPROXY to set client IP out outbound TCP links.
	When needing to contact peers use the no-tproxy cache_peer option and the
	client_dst_passthru directive re-enable normal forwarding such as this.

Back

Search

Introduction

• About Squid
• Why Squid?
• Squid Developers
• How to Help Out or Donate
• Getting Squid
• Squid Source Packages
• Squid Deployment Case-Studies
• Squid Software Foundation

Documentation

• Configuration:
  • Reference
  • Examples
• FAQ and Wiki
• Guide Books:
  • Beginners
  • Definitive
• Non-English
• More...

Support

• Security Advisories
• Bugzilla Database
• Mailing lists
• Contacting us
• Commercial services
• Project Sponsors
• Squid-based products

Miscellaneous

• Developer Resources
• Related Writings
• Related Software:
  • Authenticators
  • Icap
  • Ident
  • Log Analysis
  • Monitor
  • Proxies
  • Redirectors
  • General
• Squid Artwork

Web Site Translations

• Japanese

Mirrors

• Website:
• at dk eu gr gr il is it jp nl pl pl tr tw us us za ... full list
• 
  
• FTP Package Archive