Squid-reverse - VIP issues, interface LISTEN selection



  • Hi,

    Not so much a problem but rather a request for change perhaps,  or a general FYI..

    I have 2 pfsense boxes set up for fail over using CARP.  CARP was set up prior to the installation of squid-reverse.  In order to have the proxy service fail over I had to add "http_port 10.101.111.3:3128" to the custom options (x.x.x.3 being the VIP between the boxes).  This was necessary as within the webGUI config area for squid,  the 'Proxy Interface' selection menu did not include the VIP interfaces (which is interesting as the heartbeat/sync interface is listed,  but I can't think of a reason you would want to have squid listen on your dedicated heartbeat interface).

    While not necessary or a biggie,  it would be nice to have any VIP interfaces configured listed on the menu along with the other interfaces in some future release.

    take care,
    -g



  • You do not need custom options,

    Select squid to listen on loopback interface only and then create a rdr nat rule to forward from your vip address to 127.0.0.1.



  • @marcelloc:

    You do not need custom options,

    Select squid to listen on loopback interface only and then create a rdr nat rule to forward from your vip address to 127.0.0.1.

    doesn't that seem more complicated than just having it listen on the VIP?  Is there a reason why you would want to do it this way as opposed to binding to the VIP?    I'm not using NAT and would prefer not to,  but if there is a reason one would want to use a redirect and NAT to achieve this,  i'm all ears.

    thanks again Marcel,
    greg



  • There is a xml framework to help package development. In this framework we have a "gui component" that shows available interfaces but not available ips.

    In my case, if I want to change from interfaces list to ips, I have to rewrite whole page in php and leave xml.



  • @marcelloc:

    In my case, if I want to change from interfaces list to ips, I have to rewrite whole page in php and leave xml.

    I understand,  forget that.  8)

    maybe just a help blurb about VIPs and how to configure..  but i'm sure there are many more important items on the radar.

    take care Marcello,
    -g


Log in to reply