Tel : +964 7400 171 060

Mob : +964 7700 826 164

Email : info@snono-systems.com
Web : http://www.snono-systems.com
_________________________________________________________________________________________

SQUID server with multiple Internet sources

In this document I will try to explain how to use multiple internet links from two ISP on the same squid
server , assuming running Linux 2.6 kernel.
In the following scenario I will assume you have two links from two ISP assigned to the same linux box
on eth0 & eth1 :

WAN1 WAN2

IP 192.168.0.10 IP 172.16.0.10
GW 192.168.0.1 GW 172.16.0.1

eth0 eth1

eth2
IP 10.0.0.1

10.0.0.2 10.0.0.3 10.0.0.4

In our scenario , we want client 10.0.0.2 to reach internet through 192.168.0.10 interface and
10.0.0.3 go through 172.16.0.10.

SNONO SYSTEMS Palestine St. St.16 Building 45 Tel : +964 7400 171 060
 Tel : +964 7400 171 060
Mob : +964 7700 826 164
Email : info@snono-systems.com
Web : http://www.snono-systems.com
_________________________________________________________________________________________

First let's take a look at our routing table :

route -n
KernelIProutingtable
DestinationGatewayGenmaskFlagsMetricRefUseIface
192.168.0.00.0.0.0255.255.255.0U100eth0
172.16.0.0 0.0.0.0255.255.255.0 U1 0 0eth1
0.0.0.0192.168.0.10.0.0.0UG000eth0

Note that we have only one default gateway which is 192.168.0.1 through which all of our outoing
traffic goes to , now we need to add another gateway to the system , but without affecting the default
one.

In the following steps we will create new routing table for our second link on 172.16.0.10 and route
traffic originating from this ip through 172.16.0.1

echo1isp2>>/etc/iproute2/rt_tables
iprouteadd172.16.0.0/24deveth1src172.16.0.10tableisp2
iprouteadddefaultvia172.16.0.1deveth1tableisp2
ipruleaddfrom172.16.0.10/24tableisp2
ipruleaddto172.16.0.10/24tableisp2

Now we are doing with IP routing stuff , to test that your routing table is working probably try doing
traceroute using each interface at a time :

#tracerouteieth08.8.8.8
1192.168.0.1(192.168.0.1)0.356ms0.486ms0.513ms
2xxx.xx.xxx.x(xxx.xx.xxx.x)1.813ms2.365ms2.356ms
3842351119.igw.com.sa(84.235.111.9)26.949ms26.948ms27.184ms

#tracerouteieth18.8.8.8
1172.16.0.1(172.16.0.1)1.046ms1.207ms1.898ms
210.0.1.1(10.0.1.1)5.602ms5.605ms5.743ms
379.133.88.13(79.133.88.13)104.516ms104.555ms104.850ms

Now we are done with routing , let's me to squid.conf

SNONO SYSTEMS Palestine St. St.16 Building 45 Tel : +964 7400 171 060
 Tel : +964 7400 171 060
Mob : +964 7700 826 164
Email : info@snono-systems.com
Web : http://www.snono-systems.com
_________________________________________________________________________________________

Squid Part :

Now we have three clients using our squid server , we want to map them to different outoing ip
addresses :

10.0.0.2 => 192.168.0.2

10.0.0.3 => 172.16.0.2
10.0.0.4 => 172.16.0.2
As you see , requests from 10.0.0.2 must go through 192.168.0.2 and others go through 172.16.0.2.
In squid.conf add :

aclwan1_clinetssrc10.0.0.2
aclwan2_clientssrc10.0.0.3
aclwan2_clientssrc10.0.0.4

tcp_outgoing_address192.168.0.2wan1_clients
tcp_outgoing_address172.16.0.2wan2_clients

In case you want to do some load balancing inside linux and let it to decide which route each request
goes to , you can skip the above squid changes and run the following in your linux shell :

iprouteadddefaultscopeglobalnexthopvia192.168.0.2deveth0weight1
nexthopvia172.16.0.2deveth1weight1

The above code will allow you to distribute traffic among your two gateways , and we can prefer one
over the other by changing its weight value.

SNONO SYSTEMS Palestine St. St.16 Building 45 Tel : +964 7400 171 060