www/squid: tcp_outgoing_address binds to wrong interface
Dimitry Andric
dim at FreeBSD.org
Tue Jun 30 18:54:36 UTC 2015
On 30 Jun 2015, at 18:48, Nick Rogers <ncrogers at gmail.com> wrote:
...
> I am experiencing an issue with squid 3.5.5 and FreeBSD 10.1 where
> tcp_outgoing_address correctly rewrites the source address of outgoing
> packets, but fails to bind the socket to the correct interface.
How do you arrive at this conclusion? In the rest of your mail I see no
squid configuration for this, e.g. you would have to use:
http_port 10.8.8.10:3129
to explicitly bind to the first address on em1. You can add multiple
http_port settings to bind to multiple addresses.
> I've been
> using this kind of setup/configuration for quite some time (since the squid
> 2.7 days), so I believe something between FreeBSD 9.x and 10.1 has broken
> this behavior. FWIW squid 3.3.3 on FreeBSD 9.x behaves correctly with the
> same config. My understanding is that squid merely changes the source
> address as a hint to the kernel routing stack, which makes me believe the
> problem lies outside of squid. I've already sought out help from the
> squid-users mailing list and been told the same thing.
...
> root# netstat -rn | grep default
>
> default 192.168.92.2 UGS em0
Do you have a route for 10.8.8.10 and similar? Those should point to
em1, obviously. If there is no specific route, those packets will
simply go to the default gateway.
-Dimitry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20150630/7897e809/attachment.bin>
More information about the freebsd-ports
mailing list